IT & Cyber Risk Specialist @ Bank

Discover ING Bank

ING believes in a world where everyone has the right to grow and progress in their own way. We express this in our global tagline, "do your thing". Perhaps more than in any other large company, we extend our belief in the power of autonomy to our own people. But there's a catch. In return for great freedom, we expect people to do great things for our customers, our stakeholders, and ING at large.

To work here is to be surrounded by people who are energetic, ambitious, friendly and respectful: talented specialists who take the responsibility and autonomy to make great things happen. We stay curious, thrive on change, and seek new and better ways to make it happen. Active in Romania for 30 years, ING Bank pioneered and challenged the local banking industry. Technology and innovation are at the core of what we do, making our products relevant for our customers' lives and businesses.

ING Bank Romania is the only bank with an organic growth within the top 10 local banks by assets, without acquisitions of client portfolios or other banks. ING Bank Romania is an universal bank with more than 1.8 million customers from three business segments: individuals (retail), SME and Mid-Corporate companies and Wholesale Banking.

Join us

Mission

Our IT and Cyber Risk management team is committed to protecting ING from evolving IT and Cyber Risks by coordinating the implementation of effective IT risk governance, cultivating a risk mindset, reporting on IT and cyber risk, automating the risk process, governing third-party with respect to IT security and showing adherence to laws and regulations.

Your day-to-day

Support the local IT & Cyber Risk community to manage IT & Cyber Risk in ING's domestic business lines;

Liaise with internal 1LoD, 2LoD and 3LoD stakeholders: ING Business Lines, senior management, NFR Information & Technology (IRM), and Corporate Audit Services (CAS);

Advise local process owners in designing and implementing IT and Security processes and systems to manage and report IT & Cyber Risk;

Provide trainings to ING local Business Lines on security related topics;

Review and analyze (new) regulations, policies, standards and guiding principles. Integrate and communicate relevant risk and control-related changes to stakeholders in 1st, 2nd or 3rd Line of Defense (LoD);

Gather and process information from ING's entities to facilitate reporting to senior stakeholders;

Build and deliver consolidated reporting on IT process and information technology and security risks;

Support ING local Business Lines in Risk and Control Self Assessments to ensure alignment with policies, regulations and standards;

Provide advice on and support the establishment of a culture and mindset with a strong engineering mindset on risk management.

What you bring to the team

Knowledge of IT risk management: assess inherent, residual risks considering various scenarios and compensating controls;

Knowledge of IT security Controls: Identity and Access Management processes, Vulnerability Management, Change Management, Platform Security and other IT & Cyber Security areas;

Knowledge of IT Operations: Agile way of working, IT processes like Incident, Problem, Change Management;

Analytical skills;

Attention to details;

Communication.

What we offer

Impactful work in a fun and collaborative environment;

Open-concept offices designed for both team work and relaxation;

Corporate events and social gatherings;

Hybrid way of working with flexible working schedule and short week options;

Monthly budget on Benefit platform;

Extra annual leave days depending on the total length of working experience;

Growth opportunities through upskilling/ reskilling programs and a variety of learning and development platforms: ING Learning Centre, Udemy, Bookster, as well as through trainings and certifications;

Possibility to access Internal roles, International Short-Term Assignments or Long-Term Assignments;

Context to make an impact through Sustainability and Corporate Social Responsibility projects.