Opdrachten

ING Bank N.V. - IT Security & Risk professional

Security & Risk professional

Info

Functie

Security & Risk professional

Locatie

Amsterdam

Uren per week

36 uren per week

Looptijd

31.08.2022 - 31.08.2023

Opdrachtnummer

117235

Sluitingsdatum

date-icon15.08.2022 clock-icon08:08

Rolomschrijving en taakafspraken

The opportunity
The GS IAM Centre of Excellence consists of IT Security professionals that operate from Amsterdam and Pune (India) with a technical focus on Identity and Access Management. The members are typically experienced, they have diverse interdisciplinary technical and/or security backgrounds.

Your team (9 FTE) takes a business-centric approach to IAM, aligned with internal stakeholders like CISO, 2nd line and the IT Security Tribe. Together with your squad, you co-author a cohesive Security & Risk Strategy, a roadmap (schedule, cost, effort, benefit model) for strategy implementation and you’re responsible for delivering risk awareness throughout Group Services.

The team
As a first line Expert Team the GS IAM CoE offers support and guidance on all IAM related activities to management and the DevOps teams of Group Services / BSF such as: guidance and consultancy on control implementation, control execution, control evidencing, IAM Risk scores, IAM improvement plans, etc. as well as reviews on authorization designs prior to implementation of access rights.

The immediate cause for this vacancy is the fact that WPS has joined Group Services last year, with that change the GS IAM Centre of Excellence will also start servicing the WPS domain. This means that the activities of the team are expanding and the workload is increasing.
Previously the IAM control implementation and evidencing workload of the WPS domain was outsourced by WPS to Fujitsu, which leads to the fact that there is still a lot of gain to be made by supporting the WPS teams with their IAM activities for which they are now responsible.

Roles and responsibilities
You are an energetic and proactive Security & Risk professional with a passion for Identity and Access Management control execution and evidencing with a positive, can-do mentality. You are a natural team player who forms relationships based on social skills rather than hierarchical structure.
In your role you are guiding, steering and advising the engineers on the work floor, but you are also able to provide formal updates to management and advice on a higher strategic level.

What will you do? What are you responsible for?
• Providing support, explanations and workshops, custom build to fit the needs of the WPS squads and their way of working.
• Linking pin between Tech PL (responsible for IAMaaS activities), some still active Fujitsu externals, the GS IAM Center of Excellence and the WPS domain.
• Align with IAM main stakeholders of the other domains on overarching topics.
• Monitor the IAM risk score (RMM) of WPS and proactively think about improvement points.
• Monitor on expiring IAM controls and act on it.
• Align with IRM (2nd line of defence) on IAM control implementation and evidence,
• Proactively think along in operational alignment opportunities between the WPS organization and the rest of Group Services.
• You are a trusted advisor who knows how to handle discussions with different stakeholders
• Providing a quarterly IAM MBB update via the Global IAM team.

How to succeed
We hire smart people like you for your potential. Our biggest expectation is that you’ll stay curious. Be proactive. Keep learning. Take on responsibility. In return, we’ll back you to develop into an even more awesome version of yourself.

• Wide understanding of IAM processes and technologies
• Most preferable candidate worked previously as a Security / Senior OPS engineer within the ING.
• Familiar with IT Risk frameworks / Policy’s / Standards.
• Preferably familiar with the ING (IAM) framework of Policy, Minimum Standards, controls, RMM, ITRMP etc.
• Preferably one or more advanced security certifications demonstrating a broad knowledge of the information security field such as;
- CISSP, SCCP, ISSAP, CISA, CISM, GSEC
• Great English communication skills, verbal as well as written
• Natural motivation and drive to take end-to-end ownership
• Curiosity to always look for innovation opportunities
• Track record of consulting/advising activities

Bedrijfsgegevens

Bedrijfs gegevens

ING Bank N.V. - IT

Rolomschrijving en taakafspraken

The opportunity
The GS IAM Centre of Excellence consists of IT Security professionals that operate from Amsterdam and Pune (India) with a technical focus on Identity and Access Management. The members are typically experienced, they have diverse interdisciplinary technical and/or security backgrounds.

Your team (9 FTE) takes a business-centric approach to IAM, aligned with internal stakeholders like CISO, 2nd line and the IT Security Tribe. Together with your squad, you co-author a cohesive Security & Risk Strategy, a roadmap (schedule, cost, effort, benefit model) for strategy implementation and you’re responsible for delivering risk awareness throughout Group Services.

The team
As a first line Expert Team the GS IAM CoE offers support and guidance on all IAM related activities to management and the DevOps teams of Group Services / BSF such as: guidance and consultancy on control implementation, control execution, control evidencing, IAM Risk scores, IAM improvement plans, etc. as well as reviews on authorization designs prior to implementation of access rights.

The immediate cause for this vacancy is the fact that WPS has joined Group Services last year, with that change the GS IAM Centre of Excellence will also start servicing the WPS domain. This means that the activities of the team are expanding and the workload is increasing.
Previously the IAM control implementation and evidencing workload of the WPS domain was outsourced by WPS to Fujitsu, which leads to the fact that there is still a lot of gain to be made by supporting the WPS teams with their IAM activities for which they are now responsible.

Roles and responsibilities
You are an energetic and proactive Security & Risk professional with a passion for Identity and Access Management control execution and evidencing with a positive, can-do mentality. You are a natural team player who forms relationships based on social skills rather than hierarchical structure.
In your role you are guiding, steering and advising the engineers on the work floor, but you are also able to provide formal updates to management and advice on a higher strategic level.

What will you do? What are you responsible for?
• Providing support, explanations and workshops, custom build to fit the needs of the WPS squads and their way of working.
• Linking pin between Tech PL (responsible for IAMaaS activities), some still active Fujitsu externals, the GS IAM Center of Excellence and the WPS domain.
• Align with IAM main stakeholders of the other domains on overarching topics.
• Monitor the IAM risk score (RMM) of WPS and proactively think about improvement points.
• Monitor on expiring IAM controls and act on it.
• Align with IRM (2nd line of defence) on IAM control implementation and evidence,
• Proactively think along in operational alignment opportunities between the WPS organization and the rest of Group Services.
• You are a trusted advisor who knows how to handle discussions with different stakeholders
• Providing a quarterly IAM MBB update via the Global IAM team.

How to succeed
We hire smart people like you for your potential. Our biggest expectation is that you’ll stay curious. Be proactive. Keep learning. Take on responsibility. In return, we’ll back you to develop into an even more awesome version of yourself.

• Wide understanding of IAM processes and technologies
• Most preferable candidate worked previously as a Security / Senior OPS engineer within the ING.
• Familiar with IT Risk frameworks / Policy’s / Standards.
• Preferably familiar with the ING (IAM) framework of Policy, Minimum Standards, controls, RMM, ITRMP etc.
• Preferably one or more advanced security certifications demonstrating a broad knowledge of the information security field such as;
- CISSP, SCCP, ISSAP, CISA, CISM, GSEC
• Great English communication skills, verbal as well as written
• Natural motivation and drive to take end-to-end ownership
• Curiosity to always look for innovation opportunities
• Track record of consulting/advising activities

De recruiter

Valentina Ji

FastFlex

Deel deze opdracht

Privacy Preference Center