Information Security Officer
ING
- Luxembourg
- CDD
- Temps-plein
- Support the implementation of new IT regulations such as DORA, by performing gap analysis, action plan definition, implementation support and/or follow-up;
- Participate with the second line of defence and local stakeholders in local and third parties risk assessments activities: assessing threats, mitigating controls, proposed controls, and their risk levels risk (Inherent, current and residual);
- Collaborate with IT teams to ensure the integration of security measures in system designs and implementations;
- Take part in the day-to-day IT security operations (digital certificate issuing, Non Personal account support, incident reports, incident management, etc.);
- Follow-up and support security controls implementation the different IT Risk security domains: Foundations, Identity and Access Management, Change Management, Platform Security, Operational Resilience and Security Monitoring;
- Take part in internal and external Audits;
- Support other Security officers in their various activities;
- Work with highly collaborative agile teams;
- Maintain good working relations with the other bank teams;
- Ability to take initiatives and responsibilities;
- Ability to adapt and anticipate;
- Effective communication skills to convey security concepts to technical and non-technical stakeholders;
- Rigor, precision;
- Customer/result orientation;
- Strong team spirit;
- Ability to learn and transmit it;
- Stay updated on emerging threats and security technologies to proactively enhance the organization’s security posture;
- Knowledge of banking environment is appreciated;
- Knowledge of security frameworks, standards, and best practices, such as ITIL, ISO27001, OWASP and PCI-DSS;
- Experience with standard Security components: Firewalls, proxies, DLP, Anti-virus, WAF, SIEM, etc;
- Experience with third party contract management;
- Experience with regulatory requirements analysis;
- Experience with standard enterprise tools: Office suite, ServiceNow, CMDB tools, etc.;
- Scripting knowledge to automate recurring tasks, such as Perl, Python, etc.;
- Knowledge of standard developments practices and tooling such as GIT and Azure pipeline;
- Master degree in IT Security, IT Risk management or related domains;
- At least 5 years of experience in IT Security related job (IT security officer, Information Risk Manager, IT Security governance consultant, etc.);
- Related certifications such as CISSP, CISM or similar experience;
- A good knowledge of English and a conversational knowledge of French are required;
ING is a global bank with a strong European base. 53,000 employees serve around 38.4 million customers, corporate clients and financial institutions in over 40 countries. Operating in the Grand Duchy of Luxembourg since 1960 as a universal and accessible bank, our products include savings, payments, investments, loans and mortgages for retail and private banking customers, whom we sever serve online and through our network of branches. For our Wholesale Banking clients, we provide lending, sustainable finance, payment & cash management and fund services.