Senior Incident Responder in Amsterdam

Senior Security Incident Responder

Department: CISO

Background

The Global CISO organisation of ING is responsible to assist ING management, business and other tribes in providing customer friendly services in a safe and secure way. Business leaders and CISO are jointly responsible for bank-wide security. CISO is mandated to drive required change in all domains, business and IT. Within CISO, the Security Defence Center (SDC) is responsible for security incident management, threat management, threat hunting and forensics.

The senior security incident responder works within the SDC and is responsible for security incident handling. Apart from this core task, the security incident responder will also take up responsibilities in threat management and forensics. Development of an expertise area is also part of the job.

With the expertise on security incident response, he or she will deliver necessary know how and skills within the squad to realize the squads shared purpose to mitigate cyber and insider attacks as soon as possible in order to minimize business impact for ING, day by day.

The senior security incident responder:

- verifies and analyses incoming alerts and other notifications, takes mitigating actions and ensure timely closure of security incidents

-works together with cyber threat hunters and analysts

- works together with the squads that implement detection functionality (rules and models) to ensure lessons learned are put on the backlog and continuous improvement is achieved.

Key Responsibilities

The senior incident responder is:

• Working independently and in teams to mitigate security incidents.
• Expert in security response tooling, preferably highly skilled on Microsoft security tooling
• Identifying functional and non-functional requirements from stakeholders, aimed to provide high quality security detection and response for ING’s application landscape
• Taking up tasks to automate security response
• Supporting development of the vision and roadmap for the security detection and response services of CISO (which are aligned with the overall vision and roadmap for the department)
• Providing expertise to structure, prioritize and coordinate backlog (i.e. addressing functional and non-functional requirements)
• Maintaining relations within the global and local security teams
• Reporting on progress of activities to the Head of SDC

Audit & Compliance

• Work with the Head of SDC to ensure compliance of the security incident response services

Requirements

Proven track record and technical skills:

• Master’s degree in Cybersecurity , computer science or comparable degree
• 5-10 years’ professional experience and relevant information security. Ideally in larger companies and corporate consulting experience is required.
• Subject matter expert in the area of security incident response
• Excellent understanding of IT platforms, networking and (application) log data
• Good understanding of (security) data analytics, quantitative modelling of data and data research
• Strong knowledge of current security technologies and emerging trends in the area of security detection or monitoring
• Good oral and written communication skills
• Ability to simplify complexity and drive operational excellence
• Ability to support yourself and other team members in development
• Good computer forensics skills (Windows, Linux, Cloud)
• Good level of English
• Experience in a financial environment is a plus