Cyber security specialist
Tribe Fraud & Cybersecurity
Intern, Full-time, Brussels
Your role & work environment
ING aims to be the most safe and secure bank. We strive to provide our customers with a safe haven for all their assets. Within the CISO office, we believe that ING plays a pivotal role in protecting our society. In a changing and uncertain digital world, we provide our internal and external customers peace of mind by ensuring ING is a front-runner when it comes to security.
The CISO office for ING Market Leaders is a multi-disciplinary team located in Belgium and the Netherlands. We are repsonsible for information security across the Market Leaders organisation (Belgium and the ING retail bank in the Netherlands). In order to be able to keep up with all the security challenges of the future, we are looking for a new colleague for our team in Brussels.
You will join a team of dynamic security professionals that is part of the Fraud and Cybersecurity tribe. Every day will be different working in this team as you will need to engage with both C-level management as operational security professionals. Within the CISO office, you will help bank CISO set the global security policies and ensure local implementation of security capabilities. You will make a concrete contribution to continuously improve the security of all of our assets by assessing and improving our current solutions. Finally, you will ensure that ING remains a front-runner in cybersecurity by keeping up with the latest trends and technologies in cyber security and ensure proper adoption within ING.
Your key responsibilities
- You take on the product owner role for the CISO team in Belgium. This means that you prioritize and steer the backlog for the CISO team based on continuous alignment with our different stakeholders. These main stakeholders include bank CISO, the IT security organisation and the different operational security teams.
- In your product owner role, you ensure all agile ceremonies including sprint planning, standups, sprint review and retro’s.
- As security subject matter expert, you also contribute to the security vision and drive the security roadmap for the organisation together with ML CISO and other stakeholders. You perform and deliver maturity and value assessments of the different security capabilities to identify improvement needs and opportunities.
- You organize and conduct business-facing threat assessment and prioritization sessions, with the goal of identifying top risks and related mitigating efforts (“Security Watch”). You manage the portfolio of security efforts tied to those assessments – examples include, the scoping and execution of red/blue team engagement, the implementation of additional security measures (e.g. identity and access solutions), the execution of specialized training programs, the definition of threat profiles and intelligence gathering in collaboration with the Global Intelligence Centre.
- You own the coordination and support the execution of scenario analysis deep dive sessions with business and IT stakeholders. These sessions aim at identifying specific threats impacting business critical processes and assets and to identify actions and remediations to be implemented. This may include refinement of security event monitoring use cases, strengthening of security baseline designs.
We look for
A colleague with a talent for taking it on and making it happen, enthusiasm for helping others to be successful and a knack for always being a step ahead. In other words, you strive to bring fresh ideas to life and embrace challenges in a fast changing and complex environment. You are a naturally collaborative person who listens and invests in others to achieve common goals. You love to challenge the status quo and are eager to propose creative solutions to problems.
As a cyber security specialist you will also need:
- 10+ years of professional experience in IT or information security
- BS/MS degree in computer science or related field
- Proven experience in product ownership and/ or project management/ road management for large security project. Proven experience in successfully managing stakeholder expectations in complex environments;
- Prior experience in performing threat assessments and scenario analysis and assessing security capability maturity;
- Prior experience in risk management or experience working across lines of defence is an added benefit;
- Applied knowledge of various information security frameworks (e.g. ISO27001, NIST, CIS)
- Excellent command of the English language, preferably supplemented with Dutch or French
- Strong analytical skills and ability to solve high complexity problems
- Outstanding oral and written communication skills
- Strong communication and reporting skills (including C-level reporting)
- Experience of working in complex environments
- Team player and collaborative
We offer you
A clear purpose, a unique offer and a range of flexible compensation and other benefits:
- Personal growth & challenging work with endless opportunities to realise your ambitions
- An informal, dynamic environment with innovative colleagues supporting your endeavours
- A progressive and agile way of working, where new ideas are valued ahead of convention
Furthermore, within the CISO department, you can count on a range of opportunities to invest in your personal and professional growth with:
- Coaching by our agile coaches to take your skills to the next level;
- A diverse range of projects making sure you are always challenged and continue to grow professionally;
- The opportunity to represent ING in industrywide/ national security bodies (Cyber Security coalition, national CERT,…) offering you the opportunity to work with and learn from captains of industry;
- A broad training curriculum, tailored to your personal interests.