Information Security Officer

Information Security Officer

In order to strengthen the delivery organisation, ING Luxembourg is looking for an Information Security Officer on a temporary contract bases.

Job description:
Your mission will be to reinforce a team of Security Officers in order to maintain the bank within its IT risk appetite and participate in the implementation of the DORA regulation. Taking part in several key security activities in close collaboration with the other Security Officers and Tech department.

To achieve this, the Information Security Officer main responsibilities are to:

- Support the implementation of new IT regulations such as DORA, by performing gap analysis, action plan definition, implementation support and/or follow-up;
- Participate with the second line of defence and local stakeholders in local and third parties risk assessments activities: assessing threats, mitigating controls, proposed controls, and their risk levels risk (Inherent, current and residual);
- Collaborate with IT teams to ensure the integration of security measures in system designs and implementations;
- Take part in the day-to-day IT security operations (digital certificate issuing, Non Personal account support, incident reports, incident management, etc.);
- Follow-up and support security controls implementation the different IT Risk security domains: Foundations, Identity and Access Management, Change Management, Platform Security, Operational Resilience and Security Monitoring;
- Take part in internal and external Audits;
- Support other Security officers in their various activities;
- Work with highly collaborative agile teams;
- Maintain good working relations with the other bank teams;

**Profile**:
Competencies/Behaviour:

- Ability to take initiatives and responsibilities;
- Ability to adapt and anticipate;
- Effective communication skills to convey security concepts to technical and non-technical stakeholders;
- Rigor, precision;
- Customer/result orientation;
- Strong team spirit;
- Ability to learn and transmit it;
- Stay updated on emerging threats and security technologies to proactively enhance the organization’s security posture;
- Knowledge of banking environment is appreciated;

Skills:

- Knowledge of security frameworks, standards, and best practices, such as ITIL, ISO27001, OWASP and PCI-DSS;
- Experience with standard Security components: Firewalls, proxies, DLP, Anti-virus, WAF, SIEM, etc;
- Experience with third party contract management;
- Experience with regulatory requirements analysis;
- Experience with standard enterprise tools: Office suite, ServiceNow, CMDB tools, etc.;
- Scripting knowledge to automate recurring tasks, such as Perl, Python, etc.;
- Knowledge of standard developments practices and tooling such as GIT and Azure pipeline;

Expérience:

- Master degree in IT Security, IT Risk management or related domains;
- At least 5 years of experience in IT Security related job (IT security officer, Information Risk Manager, IT Security governance consultant, etc.);
- Related certifications such as CISSP, CISM or similar experience;

Languages:

- A good knowledge of English and a conversational knowledge of French are required;

Your working environment

With over 1000 employees in the Grand Duchy and thanks to the combination of our local presence and the strength of a robust multinational like ING, we offer our personal and business customers a wide range of solutions through the channel of their choice.

ING is a global bank with a strong European base. 53,000 employees serve around 38.4 million customers, corporate clients and financial institutions in over 40 countries. Operating in the Grand Duchy of Luxembourg since 1960 as a universal and accessible bank, our products include savings, payments, investments, loans and mortgages for retail and private banking customers, whom we sever serve online and through our network of branches. For our Wholesale Banking clients, we provide lending, sustainable finance, payment & cash management and fund services.