Head of Security Defence Centre

Head of Security Defence Centre (Expert Team Lead at Global Security Detection & Response – Global CISO)

ING is looking for
An experienced Security Defence Centre (SDC) Expert Team lead who will be responsible for the proactive cybersecurity threat response and incident management operations within ING Bank Globally.

Job description
The Expert Team lead will manage the day-to-day SDC operations including the following;

• Pro-active threat response and incident management,
• Regular reporting on security incidents and events
• Preparing status updates for major stakeholders
• Mentoring the incident responders and continuously improving processes and operations
• Coordinating incident response with local incident management teams from ING business units
• Participating in organization and execution of tabletop exercises, stress tests and simulation
• Providing regulatory and control compliance of incident management domain
• Maintaining contacts with similar units from financial industry and other CERT/CSIRT organisations

The head of SDC manages a team of highly skilled security professionals and collaborates with various multi-functional teams within and outside ING. He/she builds and maintains senior-level partnerships and provides advice to senior management and peers. The head of SDC needs to continuously improve and optimize processes and should contribute to overall improvements of Security Detection & Response capability of ING Bank.

Your work environment
The SDC Is part of the Security Detection & Response Tribe, a part of the Global CISO Organisation, including Attack Surface Management, Enterprise Security Architecture and other key functions of Global CISO. The SDC team is distributed across different regions but works close together as one. The SDC’s mission is to manage cyber security incidents and to respond to cyber threats on a regional and global scale. The primary objective of the SDC is to minimize the impact of incidents on our customers an organization.

Your profile
Successful candidates have proven experience, knowledge and skills similar to the below:

• Leadership and management skills to lead a team of highly skilled IT security professionals and ability to work collaboratively across multi functional teams in an agile environment
• Work experience in a CSIRT/VCERT organization, cyber threat intelligence, cybercrime expertise & response teams, red & blue teams or similar
• Hands-on experience in coordination incident response and forensic investigations
• Creative and flexible mindset and experience in working in an agile environment
• A results driven approach focused on protecting the business, adequately assessing priorities as well as a strong focus on delivering the results that matter.
• Quickly understands a complex landscape and has strong organizational sensitivity
• Drive improvement of operational capabilities that contribute to long-term operational excellence
• Very good communication skill to maintain relations with high profile external security stakeholders and internal senior leadership about cyber threats and technology aspects of incidents
• Representation of ING’s SDC to the external environment and financial industry forums and working groups
• In depth knowledge and experience in the field of IT security, incident response and forensic investigations
• Proven experience of working withing a cybersecurity organization and thorough knowledge on cyber-attack techniques and methodologies
• Setting the right priorities and making swift, effective decisions during incidents
• Ability to balance security concerns with business context and impact
• Ability to apply threat information to the corporate and technology context
• Strong analytical mind-set with the ability to form and develop strategic plans
• General knowledge of current cyber security and information security practices, principles, tools and techniques
• Experience and knowledge in evidence seizure, computer forensic analysis and data recovery
• Experience with or exposure to regulatory and industry compliance frameworks and audits (e.g. DORA, ISO27001, PCI, Sox)

Desired qualifications

• University degree in information technology, cyber security or equivalent education
• 5+ years of experience within the cyber security domain
• Experience as line manager of a cyber security or engineering team
• International work experience with strong network within international security initiatives
• Preferably knowledge of the financial sector, IT infrastructure and/of application development
• Knowledge and skills understanding of content, proven by advanced trainings and /or industry certification (e.g. SANS)