IT Risk Chapter Leads

Title: IT Risk Chapter Leads

Employer: ING Financial Services, LLC

Location: New York, NY

Salary range: $173,000 – $181,000

Job Description:

Plan, implement, and ensure IT security standards and procedures. Ensure correct implementation and maintain an information security monitoring roadmap aligned with firm KPIs/KRIs, such as IAM, SDR, Change Management, Platform, and Cybercrime. Develop and implement remediation plans for identified IT risk vulnerabilities, working with cross-functional teams locally and globally to ensure ING IT risk remains safe, secure, and compliant. Function as a bridge between Stream aligned and Platform teams and work in a cross-cutting role driving advancement for the IT Governance, Risk and Compliance practice. Align collaboration activities with local and global second lines of risk defense, sharing content and contextual knowledge to provide pragmatic solutions across all IT Risk Pillars. Provide oversight and reporting on the execution of IT security system controls and application security, utilizing an adaptable and secure business-supporting model. This includes, but is not limited to, patch management, security operations, engineering, and security detection and response. Identify opportunities for automation and integration to streamline Security Services. Possess knowledge of Cloud fundamentals, such as Design Patterns and the Shared Security model, to enhance the security testing process (SAST/DAST) under SDLC guidelines. Serve as an expert advisor in the development, implementation, and continuous maintenance of a robust information security “Paradigm Shift Program” to meet ING’s risk appetite. Maintain the risk posture by implementing ING security standards on database or middleware infrastructure, forming the risk opinion for the Paradigm Shift Program. Responsible for security and risk guidelines and support system documentation related to risk requirements. Partner with global outsourced teams to create and update standard operating procedures and reporting. Manage, coach and mentor other IT risk engineers, acting as a role model in developing team capabilities across industry trends, technologies, methodologies, and behaviors.

Minimum Requirements:

Bachelor’s degree or foreign equivalent in Computer Engineering, Electronic Engineering, or a closely related field and minimum five years of experience in any occupation of Information Security Advisor, IT Engineer, or related. Requires CISM, or CISSP or CCSP certification. Must have experience working with: information security, cyber security regulation compliance, IT Audit, and cloud security; network security, cryptography, vulnerability management, and penetration testing; industry regulations and standards including FINRA, PCI, SOC, NIST and ISO, and ensuring that systems and processes are compliant; collaborating with developers, system administrators, and business users; identity and access management, incident response, and security tooling including SIEM, DLP, IDS/IPS, and endpoint protection, EDR/SDR/XDR; and automation tools and techniques to drive IT automation initiatives.

 #LI-DNI