Chief Information Security Officer C&G in Amsterdam

Chief Information Security Officer C&G

Date: February 1th 2019

Department: C&G COO & COO/CISO

Position: Challengers & growth countries CISO (short: C&G CISO)

Background

ING, recently voted best global bank, is on an exciting journey to transform itself into a next generation digital bank, offering an integrated digital platform where customers can find solutions for all their finance-related needs.

ING’s Challenger & Growth (C&G) business line is one of three core markets, serving circa 25 million customers in 10+ countries outside the Benelux and representing approximately half of ING's assets and profits. Our countries range from Europe to Asia and Australia, covering Retail and Wholesale customers and SMEs.

The Global CISO organisation of ING is responsible to assist ING management, business and other tribes in providing customer friendly services in a safe and secure way. Business leaders and CISO are jointly responsible for bank-wide security. CISO is mandated to drive required change in all domains, business and IT. The C&G CISO role is a new position to set up the CISO function in C&G, reporting hierarchically to the COO C&G and functionally to the global ING CISO.

Key Responsibilities

• Strategy
  • Assists ING Bank’s Global CISO in formulating vision and strategy, setting objectives for Security and translate these objective into targets, whilst balancing the interests of all stakeholders and focusing on the customer's interests
  • Partners with Challengers & Growth market’s Business & IT leaders to develop a cohesive security strategy, and a roadmap (schedule, cost, effort, benefit model) for strategy implementation
  • Responsible for ensuring security vision and strategy is rolled out consistently across Challengers & Growth countries

• Leadership
  • C&G CISO hierarchically reports to C&G COO and functionally reports to global CISO
  • Member of MT C&G COO and global CISO’s management team (MT)
  • Manages the C&G CISO CoE team, which is a small team of security experts to support C&G CISO, and the C&G regional/country CISOs, which is a virtual team (employees have functional line to C&G CISO) and sets annual objectives and targets
  • Functionally steers the risk/security professionals in C&G CIO/C&G CoE IT-Risk & Security team and sets annual objectives and targets
  • Provides security directions for core new projects/solutions/services being designed, constructed, and delivered within the C&G span of responsibility
  • Monitors and reports on execution in terms of vision and strategy to global CISO
  • Proactively advises the C&G countries, and challenges where necessary
  • Monitors adequate organisation of security activities and provides guidance around security
  • Actively raises awareness among staff and responsible for establishing available awareness tools and trainings on security. Rollout security curriculum across C&G countries.
  • Mentors, develops, and grows next generation security leadership

• Financial
  • Understands and optimises costs for security activities and staff; Manages cost development and required investments
  • Encourages the C&G teams to initiate improvements focusing on the efficiency and quality of security services

• Knowledge
  • Stays on top of developments in security and financial services; shares and embeds lessons learned
  • Proactively engages with the broader CISO community
  • Collaborate with compliance, risk and IT to ensure required monitoring is in place to meet our security & regulatory requirements and to provide enhanced monitoring and provides insight in security performance & metrics
  • Partners with external and internal teams/financial institutes/regulators/government bodies to share knowledge including threat intelligence
  • Develops and maintains an internal/external, international/domestic network in order to promote ING's interests, to increase his/her own professionalism and contribute to knowledge-sharing
  • Contributes to the development of ING Bank security control frameworks and reference architectures based on (internal and external) threats identified
  • Coordinates roll-out and monitors adherence to IT security standards and anti-fraud standards
  • Has escalation/veto power in relation to business activities that are judged to present unacceptable threats to ING; Acts as point of escalation for security issues
  • Oversees, manages and responds to major threats and security incidents
  • Collaborates with Data Protection Officer to protect data subject to data privacy regulations and collaborate on data breaches security incident management
  • Supports security related audits
  • Steers the operation of existing applications and services owned by security
  • Reviews and approves risk acceptances/waivers from security perspective as a member of the risk committee

Requirements

Our COO team is all about excellence: we are international, fast-paced, truly passionate about operational excellence and we love what we do. We are looking for people to join us who can make change happen: with strong strategic and conceptual thinking and exceptional analytical skills, content knowledge, outstanding leadership and stakeholder management skills (to engage and influence at all levels), and an ability to deliver high quality outcomes under pressure. In addition, we need people who are highly motivated, with a great sense of humour, and who are able to work in highly complex and international environments. Oh yes, and we do wear jeans!

Proven track record and expertise:

• 10 years’ professional experience at management level and relevant information security & fraud management experience. Ideally in large international companies and/or corporate consulting experience.
• Subject matter expert in the area of Information Security. Certifications like CISSP and CISM are highly recommended. CISA and other specific information security or fraud management certifications are considered useful
• Strong working knowledge of pertinent law in C&G countries
• Experience in a financial environment is a plus
• Excellent written & spoken English essential. Multiple languages preferred
• Master’s degree or equivalent

What’s in it for you

ING is one of the most innovative and exciting banks in the world and there are lots of opportunities to learn and grow. Moreover, working in the C&G COO team will give you a unique vantage point to understand how ING works globally and locally – and to have a true impact on its transformation journey!