Job Description

Expert lead – IT Security, Asia Your role and work environment The purpose of CoE IT Security is ensuring ING will be amongst the safest banks and will be seen as a leader in (IT) security. We assist WB Tech Globally in being successful in IT Risk and IT Security. Overall, we ensure that IT Risk and IT Security is part of our DNA. The CoE IT security is responsible for securing WB Tech environments globally. You help to create a cohesive IT Security Strategy, a roadmap for strategy implementation and you’re responsible for delivering security & risk awareness throughout WB Tech. Location: Singapore Your key responsibilities Together with the people in your squad, you are responsible for implementing IT Security capabilities and delivering security & risk awareness throughout WB Tech, and more specifically within the Asia Teams. Preferably you have 7 to 10 years’ experience working on IT Security topics to easily participate in various technical (security) discussions and drive the integration of IT Security in the DevOps way of working. The role is supporting all the facets of IT Security with the main focus in managing activities such as: Security Advisory

• Security Architecture and Design
• Application Security and Control Implementations
• IT Security/Risk Assessments, 1st line security challenge
• Assessments of regulatory guidelines/notices related to IT and Security.

Security Operations

• Management of Security Tooling
• Reporting and monitoring of Key risk items
• Incident response and follow up
• Data leakage/unauthorized data exfiltration monitoring for Asia
• Security monitoring and Security Scanning
• Key Control Testing

Security Testing

• Penetration Testing activities (internal/external).
• Vulnerability and Patch Management
• DAST/SAST, Configuration review

We are looking for: You are an energetic and proactive IT Security professional with a passion for the securing WB Tech environments and a positive, “Do it-Try it-Fix it” mentality. You are a natural team player who forms relationships based on social skills rather than hierarchical structure. You have the personality and the capabilities to optimally function within an Agile environment. You have a proven experience in both IT Security and Risk, are passionate about Information Security Education and background

• Risk and security mind-set, having both IT and IT security background
• Strong technical knowledge and awareness; including software development, infrastructure, engineering, and operations.
• Strong Team Player and have experience in working with teams in and across multiple locations.
• Professional and intellectual IT skills at bachelor or university level
• Must hold at least one of the recognised Information Security credentials such as Certified Information Security Systems Professional (CISSP), Certified Information Security Manager (CISM) or Certified IT Systems Auditor (CISA).
• Familiar with Information/Cyber Security Framework, IT Security Standards and Asia regulations.
• Have experience in reviewing Service Organization’s Control Compliance reports such as SOC 2 type 2, OSPAR