Helaas is deze vacature inmiddels waarschijnlijk verlopen

Information Risk Management Officer

Medewerker | Risk Management | Ervaren | Amsterdam | 2022-03-08 | REQ-10038471

The opportunity

This new position is part of the Independent Validation Unit (IVU) within the Corporate Information Risk Management (CIRM) department located in Amsterdam, The Netherlands. The role is defined as NFR Specialist – IRM within the global Information Risk Management community, very specifically related to the information risk management activities of CIRM IVU. The role reports hierarchically to the Head of Corporate IRM / Independent Validation Unit.

Roles and responsibilities

The Information Risk Management Officer contributes to the design, preparation and coordination of programs and projects of the NFR and ORM function, to challenge, advise and support the identification, analysis and mitigation by 1st Line of Defense/business of non-financial risks, raising the NFR awareness throughout ING and checks that the 1st Line of Defense/business is complying with the risk appetite and escalates where necessary.

The above translates to the following (non-exclusive) responsibilities:
Provides Quality Assurance on Control Compliance & IT Risk Management activities;
Participates and/or executes Spot Check and/or IT Risk & Maturity Assessments world-wide;
Participates in designated projects, developments or business initiatives, advising on information risks, like IT Risk & Control Automation;
Assists in delivering and facilitating Corporate IRM’s educational services;
Assists with the development of relevant (IT) Risk Tooling;
Provides interpretation of ING Group Information (Technology) Risk policies & Minimum standards;
Reviews various technical documentation – Security Baselines, Functional Specification documents, Application Architectures documents etc.;
Contributes to the development and maintenance of Information Risk Management Framework, Policies, Minimum Standards, Procedures, Methods and Techniques;

Participates in or reviews Information Risk Assessments;
Reviews, challenges and supports, where needed, the business and/or IT for/during risk assessment sessions for identifying information risks;
Performs spot checks for verifying the effectiveness of the implemented (IT) controls and recommend remediation based on the outcome;
Measure and report the implementation of information risk framework throughout the organization;
Performs Second Line Monitoring role in IT Generic Key Control/SOX Testing processes;
Performs and assist in other non-financial risk management activities where the requirements arise.

The team

Within the CIRM IVU, you will be part of a team of IRM Officers located in Amsterdam and Bucharest. The specific tasks of the CIRM IVU team are related to Quality Assurance in Control Compliance and IT Assessments world-wide, providing guidance on Standards and Policies, working on IT Risk & Control Automation, delivering educational services, developing risk tooling and liaising with IT, IT Risk and IT Security functions (1st & 2nd Line of Defence) world-wide.

Working with a variety of internal stakeholders offers an environment which not only provides the global overview on how Information (Technology) risks are managed, but also provides the opportunity to further support the enhancement of the global IT (and Continuity) control framework.

How to succeed

We hire smart people like you for your potential. Our biggest expectation is that you’ll stay curious. Keep learning. Take on responsibility. In return, we’ll back you to develop into an even more awesome version of yourself.

We are looking for a motivated colleague who has the following characteristics and capabilities:
University BSc Degree or equivalent, preferably in IT field;
4 - 8 years’ experience in IT Audit or IT Risk Management;
Knowledge of and experience with IT Audit assignments, IT Control Assessments or IT Risk Assessments;
Collaboration skills and ability to work across both functional and geographical lines;
Pro-activeness and persuasiveness;
Good analytical skills and sound judgment;
Fluent in English (written and spoken);
15% to 25% of travelling is possible in this position (after Covid and depending on any department reorganisation

Would be considered a plus:
Having professional education and an international certification for Information (Technology) /Risk Management (e.g. ISC2, ISACA accreditations);
Knowledge of Banking business, processes, procedures, systems and associated laws & regulations;
Knowledge and experience in one or more IT Security areas.
Rewards and benefits
 
We want to make sure that it’s possible for you to strike the right balance between your career and your private life. You can find out more about our employment conditions at

The benefits of working with us at ING include:

• A salary tailored to your qualities and experience
• 24-27 vacation days depending on contract
• Pension scheme
• 13th month salary
• Individual Savings Contribution (BIS), 3.5% of your gross annual salary
• 8% Holiday payment
• Personal growth and challenging work with endless possibilities
• An informal working environment with innovative colleagues
• Work Agile, so new ideas come to life faster

Questions?

Contact Liselotte Kloppenburg (
) in our recruitment team for more information about this role. Want to apply directly? Please upload your CV and motivation letter by clicking the “Apply” button.

About us

With 57,000 employees and operations in approximately 40 countries, there is no shortage of opportunities for people with initiative who want to help people take a step ahead in life and in business. Do you want to work at the cutting edge of what’s possible and at the same time ensure you work with integrity and hold the customer’s interests at heart? Do you want to be surrounded by progressive, inspiring, diverse and supportive colleagues? Then there is no better place to invest your talents than at ING. Join us. Apply today.

meer...



Meer vacatures van Ing