... ING Office of the CISO focuses on cybersecurity steering, threat & vulnerability management and response. We translate key risks, business requirements and applicable laws & legislations into architectures and...
Background
ING Office of the CISO focuses on cybersecurity steering, threat & vulnerability management and response. We translate key risks, business requirements and applicable laws & legislations into architectures and accompanying enterprise-wide security programmes to achieve ING's strategic objectives, while delivering threat detection and response services to the ING organization on a global level. The objective of the Security Strategy & Architecture department is to ensure that business strategy and cybersecurity implementations are aligned on an ongoing basis taking into account applicable technology solutions, good practices, risk appetite and cost targets.
Main activities are:
Leading the design, providing guidance and performing verification of architecture implementation on global programmes, specifically:
High Privileged Access
Access security
Endpoint security
Network security
Security monitoring and incident response
Defining, maintaining and verifying Enterprise Reference Architectures where needed
Providing global security advisory on design and implementation matters
Advisory/lead role to (security) engineers
Advisory role in defining security standards
Writing vision/position papers
Key Responsibilities
Strategic advice to the CISO Office
Gathering requirements, collecting context data, analysing the business needs, and providing input to support the strategic decision-making processes. Challenging the validity of given procedures, processes, policies and systems
Advising Engineers, Domain Architects, Enterprise Architects, (IT) business and the CISO in identifying, justifying and design/development of the required solutions, including scope definitions and qualitative business cases
Supporting the development of technology vendor strategy and performing impact analysis on solution/service implementations
Architecture artefacts lead and delivery
Formulating and testing hypotheses and drawing conclusions to determine appropriate security solutions/services for ING in a global perspective
Designing Architecture on conceptual and logical levels ensuring the optimal match between technology, fit-to-infrastructure (feasibility of deployment), costs, user acceptance, measurability, and flexibility/scalability together with a virtual team of Domain and Enterprise Architects
Specifically designing key components that must be enforced and can be measured automatically
Maintaining and updating the Global Architecture/Security Standard taking relevant (technological, organisational) changes into consideration as well as keeping pace with innovations and trends in the industry/market
Communication and verification
Presenting and delivering verbal and written messages to other architects and engineers within ING, senior specialists and senior executive management
Defining and presenting final solution and impact on the organisation, and sustaining the rationale for the solution/service
Organising and providing trainings, workshops, video conferences and working with international (virtual) teams on the topic of Security Architecture
Enforcing and verifying the correct implementation of the Global Architecture throughout the ING organisation
Building and maintaining a sustainable network of specialists inside and outside ING
Intellectual capital & knowledge sharing
Initiating and leading knowledge sharing activities
Keeping professional knowledge up-to-date and translating external innovations and trends into useable information
Requirements
Fluent in technical and conceptual aspects of cybersecurity, specifically on:
Access controls
Endpoint and platforms
Networks
Background in Computer Science or Mathematics/Physics
At least 10 years of professional experience in the field of IT, and at least 5 years in the field of cybersecurity
CISSP
Furthermore the following personal profile:
Ability to take ownership and responsibility
Expertise and demonstrated track-record in driving and steering multidisciplinary teams
Excellent analytical skills and clear way of expressing abstract concepts
Experience in producing and presenting Security Architectures on a conceptual and logical level
Experience in effective communication on senior management level
Excellent writing & reporting skills in English
Familiarity with risk/threat models, Enterprise Architecture concepts and their relationships
Determination to continuously develop your (technical) expertise and knowledge
Willingness to travel (up to 25%, mainly in Europe)
Vul in waar je vergelijkbare vacatures zoekt en vergeet je e-mailadres niet!
We heten wel YoungCapital, maar iedereen is even welkom. Ook als je al wat meer ervaring hebt. Meer weten? Check onze FAQ.