The Senior IT Risk Analyst will be accountable for delivering all Risk Management activities within the CTO department. She/he will be responsible for tracking the remediation and efforts following the provided information, supporting stakeholders and aiding them in prioritizing those efforts through assessing the risk severity.
The successful candidate will contribute as a Risk Subject Matter Expert to designing, implementing, and supporting OT/IT technology solutions and OT best practices within Italy/Holland sites. This role works within the Platform Tribe team, liaising with other cyber security, Networking and Tribes units and ensuring all the landscapes are secure and compliant with company requirements (global/local).
Key responsibilities:
1. Continuously identify, assess, measure and monitor information technology risk by performing hands-on risk assessments.
2. Perform evidence-based information security risk assessments for internal and external systems and applications, providing position statements with recommended action items and options, including impact analysis to ensure information resources are adequately protected with appropriate security controls that ensure compliance with policy and standards.
3. Work closely with other Risk units, Internal Audit, Procurement, & Compliance, to identify compliance baselines from regulatory requirements and corporate objectives.
4. Support key initiatives designed to identify emerging risks that could impact our ability to deliver on our strategic objectives
5. Participate in trend analyses to develop conclusions and make recommendations to relevant parties
6. Serve as a trusted risk advisor
7. Perform assessments on the impact of strategic changes on our technology landscape
8. Contribute to the development of whitepapers, assessments, and briefs based on research that can be leveraged to drive change and create heightened awareness
9. Responsible for working with the Service Providers.
10. Responsible for ensuring the highest level of service availability and efficiency as benchmarked against industry standards and consistent with enterprise goals and constraints.
11. Provides oversight and instruction for Patching, Vulnerability and Infrastructure Lifecycle delivery.
12. Demonstrates strong ability in engineering processes with an understanding of Agile methodologies.
13. Support the design of new on-premise and cloud-based data center technologies in collaboration with key stakeholders to support Operational technologies following a Risk-based approach.
Requirements
14. BS/BA in Information Technology or Business and a minimum of 5 years relevant work experience in information security, risk, or controls.
15. Understanding of information frameworks (ISO27001, NIST, COBIT).
16. CRISC, CISSP, CISA, CISM, ISO27001 Lead Auditor Highly preferred.
17. Deep experience with ITIL or ISO 20000 and PM Methodologies ( Agile, PMO or PRINCE2 )
18. Fluent in English ( almost upper intermediate )
19. Excel advanced level.
Soft Skills
20. Leadership
21. Excellent negotiation skills
22. Excellent relational skills
23. Teamwork
24. Management skills and interaction with stakeholders
25. Problem solver
26. Customer Centricity
27. Excellence in execution
Duration: Permanent
Location: Milan (hybrid)
About ING
The benefits of joining ING
In addition to being a part of a great team, working in a fun and innovative environment, we offer:
28. Super flexible smart working
29. Competitive base salaries and performance based bonuses
30. Diverse cultures & Innovative mindsets
31. International Environment
32. Commitment to sustainability
33. Lots of training development opportunities to help you grow
34. Lots of moments dedicated to physical and mental well-being
35. A special day off when it is your birthday: we call it #doyourbirthday!
36. And of course we can’t forget: free water & coffee at the office!
Our Commitment
Diversity is a fundamental element of our corporate culture, and we are fully committed to creating a safe and inclusive environment, based on mutual respect and the value of diversity, offering equal job opportunities to all qualified candidates.