Information Security Risk Analyst
ING is the largest online bank in the whole of Europe and a frontrunner in the transformation of banking. At ING, we believe all sustainable progress is driven by people with the imagination and determination to improve their future and the futures of those around them.
Our story in Romania started in 1994. Here we pioneered the local banking industry, bringing new products and services for local corporate. In 2004, ING extended services to individual clients, with an innovative banking model – ING Self’Bank. Today, ING Romania has over 1,100,000 individual active clients and ING Home’Bank is rated as the best digital banking application.
We’re on a journey that’s centered around our customers, powered by technology and driven by smart, determined people. Sharing the purpose of empowering people to stay a step ahead in life and in business, since 2015, ING Tech Center develops banking solutions in the fields of Core Banking Development, Financial Markets and Data Management for ING Group, including ING Bank Romania. By using the latest methodologies in software development, our fast growing team gathers more than 500 tech enthusiasts who work for international projects that go beyond traditional banking.
There has never been a more interesting time to work at ING.
Why work for us? Here’s a snapshot of our perks:
•Work from Home
•Flexible Work Schedule
•Agile Way of Working
What you bring to the team
• University BSc Degree or equivalent, preferably in IT field;
• 2 – 6 years` experience in IT/IT Security/IT Audit or Risk Management areas;
• Knowledge of Banking business, processes, procedures and systems and associated laws & regulations;
• Collaboration skills and ability to work across both functional and geographical lines;
• Good analytical skills and sound judgment;
• Fluent in English (written and spoken);
• Willing to travel internationally if needed;
• Experience in Business Continuity Management & having professional education and/or multiple international certifications for Information (Technology) Security (e.g. ISC2, ISACA accreditations) would be considered a plus.
This new position will be created within the ING Regional Information Risk Management Centre (IRIC) and will be located in Bucharest, Romania. The role is defined as a ‘Information Security Risk Analyst’ within the global Information Risk Management community, very specifically related to the regional information risk management activities (including Second Line Monitoring). The role reports hierarchically to the Head of the ING Regional Information Risk Management Centre (IRIC).
The primary role of the IRIC in Bucharest will be providing support to the ING Bank Information Risk Management community in performing Risk Monitoring activities for Romania based ING entities (e.g. ING Services and ING Bank Romania). Also, other information risk management related activities might be provided by the IRIC to ING entities in countries geographically surrounding Romania (e.g. Turkey). This will help ING business units as well as Corporate Information Risk Management (CIRM) to manage the IT Risk profile of ING Bank in a sound manner.
Within the IRIC Romania, you will be part of a team of Information Risk Management (IRM) Officers and Business Continuity Management (BCM) Specialists dedicated to support the global Information Risk Management functions on various IRM and BCM related activities to ensure that IT risk and Continuity risk are adequately managed.
Working with a variety of internal stakeholders offers an environment which not only provides the global overview on how IT and Continuity risk are managed, yet also provides the opportunity to further support the enhancement of the global IT and Continuity control framework.
• Supporting the Head of IRIC Romania with research, fact finding, collecting evidence and documenting activities;
• Contributing to the development and maintenance of Corporate Information Risk Management Strategy, Framework, Policies, Minimum Standards, Procedures, Methods and Techniques;
• Providing interpretation of ING Group IT Risk Policies & Minimum Standards;
• Participating in, challenging and periodically reporting upon the risks of key strategic (IT/BCM) programs and projects;
• Participating in and challenging risk assessments (including Data Classification, Business Impact Assessments or detailed IT Risk assessments) on specific Operational Risk or Information Risk projects and programs;
• Measuring and reporting the implementation of Information (Technology) security framework throughout the organization;
• Supporting strategic and ad-hoc risk analyses, risk papers and risk reports with fact finding, researching and documenting activities;
• Supporting the identification of the impact of and the coordination of responses to law and regulatory changes, internal & external audit reports, etc. and monitoring the follow-up on the regulatory issue solving;
• Contributing to the development and maintenance of a curriculum and training programme, and to training of the IRM-BCM community.
• Performing planned/spot checks for verifying the effectiveness of the controls implemented;
• Reviewing & challenging the Key Control Tests results;
• Performing and assisting in other information risk activities where the requirements arise.