Security Assessment Services (SAS) is a department with in CISO organization. SAS focuses on strengthening IT Security strategy of the bank and keeping it sharp to meet the cyber security challenges. The team focuses on capturing knowledge regarding real world threats and ensures the gap between threat perception and actual impact is constantly reduced. In this way SAS ensures that ING is focusing on areas of absolute relevance within information security and putting the best foot forward when it comes to defense measures.
The activities take place in a multicultural team with a global scope. Standard language is English.
For this role “Level 1” screening is required.
The Security Consultant focusses on the overall global security for ING bank . You will work towards using security assessments as a mechanism to strengthen the security strategy and keep it sharp to meet the challenges posed by evolving cyber threats.
The Security Consultant provides oversight and vision on all aspects pertaining to Security Assessments and Security Readiness. The candidate is responsible to provide accurate assessments of security threats, via hands on exercises and is able to advise on mitigation of found gaps. The candidate will provide Subject Matter Expertise to management in areas specific to computer/network security threats, vulnerabilities and guide towards best practices ,standards and solutions.
Hands on mentality to IT security and proven security champion track record are a pre requisite to this role.
Who are you?
- Proven passion in the field of IT Security
- Project management experience with technical background is required
- Strong experience in security assessments as one of your core skill set
- Hands on experience with the security of infrastructure, applications and networks
- You are an enthusiastic, social, ambitious team member with the goal to add value to our department
Characteristics: Problem solving, Transparent, Result driven, Entrepreneur, Team player, Flexible, Pragmatic, Accurate, No 9-5 mentality, Can do- can do now attitude.
Skills and Experience:
- Education level: Bachelor
- Experience in specific domains of information security
- Independent thinker with functional and technical ability to execute follow up and advise where necessary on identified gaps
- Fluency in both Dutch and English
- Experience with topics related to operation security such as vulnerability scanning and penetration testing
- Advanced understanding of concepts related to RED Teaming execution
- Ability to interact with senior stake holders
- Good understanding of platforms like mainframe, tandem third party applications and Operating Systems.
- Able to operate at an advanced level of written and spoken communication; including writing professional reports and making corporate style power point presentations to explain findings
- Conducts complex analytical functions by performing deep analysis on vulnerability trends by using advanced functions of MS excel and MS access database
- Coordinating security operations in an international environment
- Analyzing and reporting on security service performance indicators
- knowledge in evasion and hacking of threat detection or monitoring techniques
- Prior experience working as an employee or consultant for a bank, government or defense agency is a plus
- CISA / CISSP certification
- Familiarity with a broad range of enterprise infrastructure and application products