Associate, Security Engineer

Details

In Americas, ING’s Wholesale Banking division offers a broad range of innovative financial products and services to domestic and international corporate and institutional clients.

When you come to work at ING, you’re joining a team where individuality isn’t just accepted, it’s encouraged. We’ve built a culture that’s fun, friendly and supportive – it’s the kind of place where you can be yourself and make the most of whatever you have to offer.

We give people the freedom to take risks, think differently, take ownership of their work, and make great things happen. We’re here to help you get ahead. And with our global network, there’s plenty of scope to take your career in new directions, perhaps even ones you’ve never considered.

Sound like the kind of place you’d feel at home? We’d love to hear from you.

About the position:

This role is part of a diverse Information Security team tasked with maintaining and improving the Information Security program posture of the organization. This individual will drive resolutions to control-related matters, proactively identify regulatory or security gaps, collaborate with vendors and IT peers to tackle governance related matters, and ensure the IT organization aligns to different security standards and frameworks.

We are seeking an intermediate skilled Security Engineer to join our Americas region information security team. As a Security Engineer at ING, you will work closely with other members of the Information Security team to ensure the security of our information systems and data.

In addition, we are looking for an individual who is seeking to take on shift left security to mature overall information security. The future candidate of this role must be a well-rounded risk practitioner, well versed in information security norms and who also possesses a wide range of knowledge across multiple methodologies of Cybersecurity, IT Risk and IAM best practices.

Responsibilities

• Ownership for the IT risk controls and processes groups in line with existing Wholesale Banking paradigm shift strategic initiative.
• Advise local process owners in designing and implementing IT and Security processes and systems to manage and report IT & Cyber Risk.
• Expected to have a thorough understanding of Identity and Access Management realms and stay up to date with latest security standards, as well as best practices around Identity and Access Management (IAM) patterns.
• Managing the execution of critical processes and in the evaluation and adoption of IAM across ING applications.
• Serve as a subject matter expert advisor to information security team in the development, implementation, and maintenance of a strong information security program to meet ING risk appetite.
• Liaison and enable DevOps engineers in providing quality control execution to support IAM onboarding and implementation of controls.
• Design, implement and monitor security safeguards and their continuous effectiveness in an emerging Cybersecurity threat landscape.
• Develop a risk culture, liaison for IT security standards, providing governance and support.
• Ability to develop and implement information security strategies in the banking industry while improving the security posture.
• Experimental mindset to drive innovation.
• Conduct regular security assessments and audits to identify, mitigate and escalate potential security risks.
• Stay up to date with the latest security trends, tools, and best practices to continuously improve our security posture.
• Responsible to maintain comprehensive documentation of security processes, tools, and procedures.

Qualifications and Competencies

• B.S. in Computer Science (or equivalent major) or significant job experience. Top candidates will possess one or more market leading security certifications (e.g. CISM, CISA, CISSP).
• At least 3-5 years’ experience in Information Security practices and preferably in IAM.
• Technical expertise and experience with Microsoft MFA, CyberArk, Azure Active Directory.
• Strong programming skills in languages such as Python or similar.
• Hands-on experience with Azure and its security services.
• Knowledge: In-depth understanding of security principles Confidentiality, Integrity & Availability.
• Compliance: Knowledgeable in industry cyber security regulations & laws.
• Communication: Clearly communicate complex technical information to both technical and non-technical stakeholders, such as senior management, auditors, and regulators.
• Collaboration: Work effectively as part of a team and collaborate with other stakeholders, such as developers, system administrators, and business users.

Benefits

In addition to comprehensive health benefits, a generous 401k savings plan, and competitive PTO, ING provides a broad array of benefits including adoption, surrogacy, and fertility services; student debt assistance; and subsidies for expenses associated with commuting and fitness.