Job Description

ING BankING Bank covers Wholesale and Retail Banking in Asia Pacific. Our Wholesale Banking business is present and active in 11 major economies in the Asia Pacific, namely Australia, China, Hong Kong SAR, India, Indonesia, Japan, Philippines, Singapore, South Korea, Taiwan and VietnamTogether with the people in your squad, you are responsible for implementing IT Security capabilities and delivering security & risk awareness. Preferably you have been a DEV or OPS engineer background in order to easily participate in various technical (security) discussions and drive the integration of IT Security in the DevOps way of working. Your main responsibilities in IT Security are:

• Execute and review vulnerability scans and penetration test results, propose & agree upon mitigation actions.
• Assessment of network security and technical assurance of platforms security
• Evaluate impact from unresolved/unpatched vulnerabilities and security issues.
• Review current corporate policies and help redefine procedures for better security.
• Participate in global security engineering guilds to harmonize security practices.
• Provide deep level subject matter expertise for specific technologies based on potential implementation risks.
• Review and define requirements for information security solutions.
• Assess applications for design related security risks and assist teams in determining appropriate remediation for issues identified.

Your additional responsibilities are:

• IT & Security Risk Assessment
• Security Design
• Key Control Testing
• Data Analysis & Reporting
• Configuration/build review activities

We are looking for:You are an energetic and proactive IT Security professional with a passion for the securing WB Tech environments and a positive, \xe2\x80\x9cDo it-Try it-Fix it\xe2\x80\x9d mentality. Enhancing the security controls and ultimately make ING safer, is a challenge to you. Close cooperation with and between the DevOps squads is your greatest achievement.This role requires emphasis on the following:

• You have excellent problem-solving skills and are passionate about IT Security.
• You are inspiring and show energy and passion.
• You are interested to bring one way of working regarding the implementation of IT Security & IT Risk controls across countries.
• You are able to design technical Security solutions

Education and background

• Risk and security mind-set, security background
• Strong technical knowledge and awareness; including software development, infrastructure, engineering and operations.
• Good understanding of network and application security.
• Experience with application security toolset \xe2\x80\x93Checkmarx CxSAST, Acunetix, Webinspect
• Strong Team Player and have experience in working with teams in and across sites.
• Professional and intellectual IT skills at bachelor or university level
• 5 years\xe2\x80\x99 of relevant working experience as IT Security engineer.
• Must hold at least one of the following certifications: Certified Information Security Systems Professional (CISSP), and/or Certified IT Systems Auditor (CISA).
• SANS GSSP-Java/Net or CSSLP certification, Offensive Security Certified Professional (OSCP) or relevant certifications from other vendors is a plus.
• Strong proficiency in both verbal and written English

ING