Information Risk Management Practitioner
- Amsterdam, Noord-Holland, Netherlands
- Permanent, Full time
- 22 Sep 17
Information Risk Management Practitioner
ING is looking for...
an Information Risk Management Practitioner
ING Corporate Information Risk Management (CIRM) department is searching for an Information Risk Management Practitioner (IRM Practitioner). CIRM resides within the Non-Financial Risk domain. You will hierarchically report to the Head of CIRM. Within the Non-Financial Risk domain, CIRM has a responsibility for the development and maintenance of the non-financial risk management framework - especially policy setting and advisory - with a focus on Information (Technology) Risks and Continuity Risks. It is also responsible to provide direct IRM and BCM support to the Corporate Departments in Amsterdam (Tier 2) as well as Challengers & Growth Markets and Wholesale Banking.
CIRM focuses amongst others on Information (Technology) Risk:
- Information Technology (IT) - concerns managing Information (Technology) Risks within IT Governance, IT Management and IT Security;
- Operational Resilience - concerns measures to ensure Availability of Business Services;
- Information Management - concerns managing Information (Technology) Risks within the lifecycle of information and use of information to the benefit of the stakeholders.
- You are a practitioner in the field of Information (Technology) Risk Management, possessing knowledge of IRM and IT processes.
- You are able to deal with and advise on standard matters that are a major concern to lower level management of ING Bank.
- You are a trusted IRM advisor, who directs, advises and supports the identification, analysis and mitigation by 1st LoD/business of risks to ING that result from inadequate security of information (supporting business applications, IT processes, databases and supporting infrastructure), with the aim of assuring reliability of information, integrity and the availability of systems.
- You challenge and monitor IT risk management processes and quality.
As IRM Practitioner your role is to:
- Support the Corporate Head of IRM and BCM (CIRM) of ING Bank with research, fact finding, collecting evidence and documenting activities;
- Contribute to the development and maintenance of CIRM Strategy, Framework, Policies, Minimum Standards, Procedures, Methods and Techniques;
- Support the functional oversight of the global IRM community by means of QA reviews as part of our functional steering role;
- Be a trusted IRM advisor towards 1st LoD management and 1st LoD and 2nd LoD NFR risk specialists;
- Participate in, challenge and periodically report upon the risks of key strategic (IT/BCM) programs and projects;
- Participate and challenge in risk assessments on specific Operational Risk or Information Risk projects and programs, taking direction over junior ORM, BCM and IRM colleagues;
- Support strategic and ad-hoc risk analyses, risk papers and risk reports with fact finding, research and documenting activities;
- Supports the identification of the impact of and the coordination of responses to law and regulatory changes, ECB reports, etc. and monitors the follow-up of the regulatory issue solving.
- Contribute to the development and maintenance of a curriculum and training programme, and to training of the IRM-BCM community.
Your work environment
ING is restructuring its IT processes, controls, and infrastructure to transform itself into a Digital Bank with the goal of end-to-end "straight through processing". Information Risk Management uses sound principles of risk management to ensure that the quality and security aspects of information within the ING Bank are maintained at acceptable levels which are proportionate to its value and criticality. The team supports and directly works for the Corporate Head of IRM. The team performs functional oversight over the IRM functions globally and acts as expert centre for Information (Technology) Risk Management. In this position travelling (20 - 40%) is required to give support to ING entities across the globe.
What we are looking for
Professional risk management behavioural competencies including:
- Good judgment
- Learning agility
- Experience as IRM Practitioner with at approx. 6 years in risk areas that are relevant for Information (Technology) Risk Management
- Track record as IRM, IT audit and/or IT (Security) practitioner
- Knowledge of Banking business, processes, procedures and systems.
- Collaboration skills and ability to work across both functional and geographical lines
- Ability to earn trust and respect of clients, colleagues and management
- Ability to be firm when needed and show flexibility when possible
- Good analytical skills and sound judgment
- University BSc Degree or equivalent
- Professional education and multiple international certifications for Information (Technology) Risk Management (e.g. RE, ISC2, ISACA accreditations)
- Fluent in English (written and spoken)
Please click on Apply and upload your CV & Motivation.
For inquiries please contact Dirk.Jan.van.der.Poel@ing.nl
We are looking forward to your application!