Information Risk Officer

Employer: ING Romania
Domain:
  • Banks - Financial Institutions
  • IT Software
  • Job type: full-time
    Job level: 1 - 5 years of experience
    Location:
  • BUCHAREST
  • Updated at: 29.05.2020
    Short company description

    ING is the largest online bank in Europe and a front-runner in the transformation of banking. ING is present in Romania through 2 entities: ING BANK and ING TECH.  

    ING BANK ROMANIA
    Our story in Romania started in 1994. Here we pioneered the local banking industry, bringing new products and services for local companies. In 2004, ING extended services to individual clients, with an innovative banking model: ING Self’Bank.
    Today, ING Bank Romania has more than 1.100.000 individual active clients and ING Home’Bank is rated as the best digital banking application.

    ING TECH ROMANIA
    We’re on a journey that’s centered around our customers, powered by technology and driven by smart, determined people. Sharing the purpose of empowering people to stay a step ahead in life and in business, ING decided to open in Bucharest a global hub for technology & innovation in 2015, developing IT solutions in areas such as Core Banking, Global Retail Solutions, Data Management, Financial Markets and Wholesale Banking for ING Group, including ING Bank Romania.
    By using the latest methodologies in software development, our fast growing team gathers more than 600 tech enthusiasts who work for international projects that go beyond traditional banking.

    There has never been a more interesting time to work at ING.

    Why join us? Here’s a snapshot of our perks:
    • People development • Work from home • Wellbeing programs • Global opportunities • Flexible work schedule • Staff discounts • Agile way of working • Awesome culture • Future-oriented banking.

    Requirements

    What you bring to the team:

    University BSc Degree or equivalent, preferably in IT field;
    2– 6 years’ experience in IT/IT Security/IT Audit or Risk Management areas;
    Collaboration skills and ability to work across both functional and geographical lines;
    Good analytical skills and sound judgment;
    Fluent in English (written and spoken);

    Responsibilities

    The role is defined as an Information Risk Officer within the global Information Risk Management community, very specifically related to the regional information risk management activities (including Second Line Monitoring).

    The role reports hierarchically to the Head of the ING Regional Information Risk Management Centre (IRIC).
    The primary role of the IRIC in Bucharest will be providing support to the ING Bank Information Risk Management community in performing Risk Monitoring activities for Romania based ING entities (e.g. ING Services and ING Bank Romania). Also, other information risk management related activities might be provided by the IRIC to ING entities in countries geographically surrounding Romania. This will help ING business units as well as Corporate Information Risk Management (CIRM) to manage the IT Risk profile of ING Bank in a sound manner.
    Within the IRIC Romania, you will be part of a team of Information Risk Management (IRM) Officers and Business Continuity Management (BCM) Specialists dedicated to support the global Information Risk Management functions on various IRM and BCM related activities to ensure that IT risk and Continuity risk are adequately managed.

    Supporting the Head of IRIC Romania with research, fact finding, collecting evidence and documenting activities;
    Contributing to the development and maintenance of Corporate Information Risk Management Strategy, Framework, Policies, Minimum Standards, Procedures, Methods and Techniques;
    Providing interpretation of ING Group IT Risk Policies & Minimum Standards;
    Participating in, challenging and periodically reporting upon the risks of key strategic (IT/BCM) programs and projects;
    Participating in and challenging risk assessments (including Data Classification, Business Impact Assessments or detailed IT Risk assessments) on specific Operational Risk or Information Risk projects and programs;
    Measuring and reporting the implementation of Information (Technology) security framework throughout the organization;
    Supporting strategic and ad-hoc risk analyses, risk papers and risk reports with fact finding, researching and documenting activities;
    Supporting the identification of the impact of and the coordination of responses to law and regulatory changes, internal & external audit reports, etc. and monitoring the follow-up on the regulatory issue solving;
    Contributing to the development and maintenance of a curriculum and training programme, and to training of the IRM-BCM community.
    Performing planned/spot checks for verifying the effectiveness of the controls implemented;
    Reviewing & challenging the Key Control Tests results;
    Performing and assisting in other information risk activities where the requirements arise.

    Other info

    Would be considered a plus:

    Knowledge of Banking business, processes, procedures and systems and associated laws & regulations
    Experience in Business Continuity Management & having professional education and/or multiple international certifications for Information (Technology) Security (e.g. ISC2, ISACA accreditations)