The IT Risk & Security Expert is responsible for advising, planning, coordinating, and ensuring compliance with IT Risk and Cybersecurity controls across Tribes and IT domains.The role acts as a trusted partner for Product Owners, IT Area Leads, Tribe Leads, Not Retail Areas referents, and Central IT Security functions, ensuring that technology changes and operations adhere to ING Policies, Minimum Standards, and IT Risk frameworksKey Responsibilities1. IT Risk Governance & Control Compliance
Esperienza, qualifiche e soft skill: possiede tutti i requisiti per avere successo in questa opportunità? Lo scopra qui sotto.
Accountable for maintaining the IT Risk & Security compliance of the Tribe's assets, with proper evidence management and reporting.Ensure full compliance with IT Risk controls throughout the Change Management Process, guaranteeing a green before live maturity level.
Define and maintain a sustainable annual IT Risk plan for the Tribe.2. Stakeholder Engagement & Guidance
Engage Tribe Leads, Product Owners, IT Area Leads, third parties and other stakeholders to ensure IT Risk & Cybersecurity controls are identified, embedded, and prioritized in the Tribe backlog.Provide visibility on the risk program, deliverables, walkthroughs, and expected timelines.In case of bigger activities, act as a project manager for the needed task
3. Single Point of Contact for Risk & Security
Act as the SPOC between the Tribe and:CISO teamNot Retail AreasIdentify impediments related to IT & Cybersecurity risks and drive remediation with the appropriate teams.
4. Risk Roadmap & Collaboration with Central Functions
Collaborate with IT Risk & Security COE, CISO, and IT Custodian roles to assess risk impacts, roadmap priorities, and asset specific needs specific needs.Support the Tribe Lead and IT Area Lead in all IT & Cybersecurity Risk–related topics.
5. Training, Awareness & Expertise Sharing
Serve as the focal point for IT & Cybersecurity Risk topics within the Tribe.Continuously train team members—especially new joiners—on controls, templates, processes, and updated risk requirements.
6. Audit & Assurance Support
Support audits, internal and external maturity assessments.
What are we looking for
Solid understanding of GRC frameworks, regulations and compliance standards (ISO/IEC 27001, NIST CSF, CIS, NIS2, SOC 1/2, DORA)Experience in managing policies, KRIs, and risk reporting at the executive level.Project Management and coordination experienceKnowledge of Cybersecurity principles, incident management, and IT control requirements.Strong stakeholder management and communication.Ability to challenge, influence, and support decisionmakers.Analytical mindset paired with structured, risk‐based thinking.The skillset of a team playerTeam working and problem solvingAbility to work in a multicultural working environmentVery good communication skills (at all levels, from professionals to senior managers), verbal and on paper. English is the global professional language in ING
Experience & Education
Degree in Information Technology, Engineering, Computer Science, Economics or equivalent.3+ years of experience in IT Risk Management, Information Security, or Cybersecurity roles, preferably in complex and international environments.Certifications such as CISSP, CISM, CRISC, CISA or equivalent (e.g. Dutch RE) are a plus.
Working conditions: Full TimeDuration: PermanentAbout INGING offers many opportunities to build a diverse and rewarding career. You will be joining an international innovative digital bank, the first in Italy to adopt a fully flexible smart working model, and you will be working in a stimulating environment where you can grow both as an individual and as a professional. Our purpose - empowering people to stay a step ahead in life and in business - represents our belief in people's potential. We don't judge, coach or to tell people how to live their lives. We empower people and businesses to realize their own vision for a better future.#doyourthing is our brand direction with us each and every day. It is how we articulate our purpose and our promise to make banking frictionless to the world.'do your thing' is about people being free to live the life they want to live, knowing that they will make their world a little better for it.Do you think you are "a step ahead"? Apply now!The benefits of joining INGIn addition to being a part of a great team, working in a fun and innovative environment, we offer:
Super flexible smart workingCompetitive base salaries and performance based bonusesDiverse cultures & Innovative mindsetsInternational EnvironmentCommitment to sustainabilityLots of training development opportunities to help you growLots of moments dedicated to physical and mental well-beingA special day off when it is your birthday: we call it #doyourbirthday!And of course we can't forget: free water & coffee at the office!
Our CommitmentDiversity is a fundamental element of our corporate culture, and we are fully committed to creating a safe and inclusive environment, based on mutual respect and the value of diversity, offering equal job opportunities to all qualified candidates.Safety NoticeWe're seeing an increase in fraudulent job offers. To protect yourself, please follow these key guidelines when applying for roles at ING:
Apply only via official ING platforms: ING uses Workday as its internal recruitment system. Applications should be submitted only via our official career site.Check the sender's email carefully: legitimate communication will always come from: @ and/or @myworkday.comNo payments or banking details will ever be requested. If someone asks for this information, it's a scam. xrdztoy
If you suspect suspicious activity, report it immediately. Your safety matters to us.#J-18808-Ljbffr