IT Security Engineer

  • Negotiable
  • London, England, United Kingdom
  • Permanent, Full time
  • South Africa GSC
  • 19 Feb 19

We are looking for an energetic and proactive IT Security professional with a passion for the securing WB Tech environments and a positive, "Do it-Try it-Fix it" mentality. You Enhancing the security controls and ultimately make ING safer, forming a close cooperation with and between the DevOps squads and having an agile Way of Working.

Your key responsibilities

Together with the people in your squad, you are responsible for implementing IT Security capabilities and delivering security & risk awareness throughout WB Tech. You're familiar with the application environments within WB Tech globally. Preferably you have been a DEV or OPS engineer in order to easily participate various technical (security) discussions and drive the integration of IT Security in the DevOps way of working.

Your main focus will be on the following IT Security capabilities:

  • Secure SDLC (incl. code review, requirements setting, security config.)
  • Application Security (incl. application hardening, pen testing)
  • Server & Endpoint Security (incl. malware protection, HIPS, hardening)
  • Network Security (incl. firewalls, malware protection & IDS, segmentation)
  • Data Security (incl. DLP, encryption services & key management)
  • Operational Resilience
  • IT & Sec Risk Assessment
  • Drive Control Implementation
  • Key Control Testing and SoX
  • Data Analysis & Reporting
  • Manage Third Party & Cloud Security
  • Vulnerability and Patch Management
  • Security Monitoring & Alert Handling
  • Automate and simplify Security & Risk Controls
  • Designing technical Security Solutions

Education and background

  • A personality and the capabilities to optimally function within an Agile environment
  • Experience in guiding and realising change
  • Professional and intellectual IT skills at bachelor or university level, preferably IT Master
  • Extensive experience in both IT Security and IT Risk
  • You have a background in IT engineering area, preferably in Agile teams as a DevOps Engineer
  • Track record of consulting/advising Certification in and / or proven skills in Security and Risk (CISSP certification is mandatory to have or to obtain within 6 months)
  • Excellent oral and written command of English
  • Experience/affinity with Wholesale Banking is an advantage

Your role and work environment

The purpose of CoE IT Security is ensuring ING will be amongst the safest banks and will be seen as a leader in (IT) security. We assist WB Tech Globally in being successful in IT Risk and IT Security. Overall we ensure that IT Risk and IT Security is part of our DNA.

The CoE IT security is responsible for securing WB Tech environments globally. You help create a cohesive IT Security Strategy, a roadmap for strategy implementation and you're responsible for delivering security & risk awareness throughout WB Tech. You're familiar with the application environments within WB Tech globally in order to be able to participate in various discussions and drive the integration of IT Security in the Agile and DevOps way of working.