Position: Challengers & growth countries CISO (short: C&G CISO)
ING, recently voted best global bank, is on an exciting journey to transform itself into a next generation digital bank, offering an integrated digital platform where customers can find solutions for all their finance-related needs.
INGs Challenger & Growth (C&G) business line is one of three core markets, serving circa 25 million customers in 10+ countries outside the Benelux and representing approximately half of ING’s assets and profits. Our countries range from Europe to Asia and Australia, covering Retail and Wholesale customers and SMEs.
The Global CISO organisation of ING is responsible to assist ING management, business and other tribes in providing customer friendly services in a safe and secure way. Business leaders and CISO are jointly responsible for bank-wide security. CISO is mandated to drive required change in all domains, business and IT. The C&G CISO role is a new position to set up the CISO function in C&G, reporting hierarchically to the COO C&G and functionally to the global ING CISO.
Assists ING Banks Global CISO in formulating vision and strategy, setting objectives for Security and translate these objective into targets, whilst balancing the interests of all stakeholders and focusing on the customer’s interests
Partners with Challengers & Growth markets Business & IT leaders to develop a cohesive security strategy, and a roadmap (schedule, cost, effort, benefit model) for strategy implementation
Responsible for ensuring security vision and strategy is rolled out consistently across Challengers & Growth countries
C&G CISO hierarchically reports to C&G COO and functionally reports to global CISO
Member of MT C&G COO and global CISOs management team (MT)
Manages the C&G CISO CoE team, which is a small team of security experts to support C&G CISO, and the C&G regional/country CISOs, which is a virtual team (employees have functional line to C&G CISO) and sets annual objectives and targets
Functionally steers the risk/security professionals in C&G CIO/C&G CoE IT-Risk & Security team and sets annual objectives and targets
Provides security directions for core new projects/solutions/services being designed, constructed, and delivered within the C&G span of responsibility
Monitors and reports on execution in terms of vision and strategy to global CISO
Proactively advises the C&G countries, and challenges where necessary
Monitors adequate organisation of security activities and provides guidance around security
Actively raises awareness among staff and responsible for establishing available awareness tools and trainings on security. Rollout security curriculum across C&G countries.
Mentors, develops, and grows next generation security leadership
Understands and optimises costs for security activities and staff; Manages cost development and required investments
Encourages the C&G teams to initiate improvements focusing on the efficiency and quality of security services
Stays on top of developments in security and financial services; shares and embeds lessons learned
Proactively engages with the broader CISO community
Collaborate with compliance, risk and IT to ensure required monitoring is in place to meet our security & regulatory requirements and to provide enhanced monitoring and provides insight in security performance & metrics
Partners with external and internal teams/financial institutes/regulators/government bodies to share knowledge including threat intelligence
Develops and maintains an internal/external, international/domestic network in order to promote ING’s interests, to increase his/her own professionalism and contribute to knowledge-sharing
Contributes to the development of ING Bank security control frameworks and reference architectures based on (internal and external) threats identified
Coordinates roll-out and monitors adherence to IT security standards and anti-fraud standards
Has escalation/veto power in relation to business activities that are judged to present unacceptable threats to ING; Acts as point of escalation for security issues
Oversees, manages and responds to major threats and security incidents
Collaborates with Data Protection Officer to protect data subject to data privacy regulations and collaborate on data breaches security incident management
Supports security related audits
Steers the operation of existing applications and services owned by security
Reviews and approves risk acceptances/waivers from security perspective as a member of the risk committee
Our COO team is all about excellence: we are international, fast-paced, truly passionate about operational excellence and we love what we do. We are looking for people to join us who can make change happen: with strong strategic and conceptual thinking and exceptional analytical skills, content knowledge, outstanding leadership and stakeholder management skills (to engage and influence at all levels), and an ability to deliver high quality outcomes under pressure. In addition, we need people who are highly motivated, with a great sense of humour, and who are able to work in highly complex and international environments. Oh yes, and we do wear jeans!
Proven track record and expertise:
10 years professional experience at management level and relevant information security & fraud management experience. Ideally in large international companies and/or corporate consulting experience.
Subject matter expert in the area of Information Security. Certifications like CISSP and CISM are highly recommended. CISA and other specific information security or fraud management certifications are considered useful
Strong working knowledge of pertinent law in C&G countries
Experience in a financial environment is a plus
Excellent written & spoken English essential. Multiple languages preferred
Masters degree or equivalent
Whats in it for you
ING is one of the most innovative and exciting banks in the world and there are lots of opportunities to learn and grow. Moreover, working in the C&G COO team will give you a unique vantage point to understand how ING works globally and locally and to have a true impact on its transformation journey!