Job Role: IT Risk Engineer
Location –Amsterdam, Netherlands
Job Duration: 6-12 month contract
Working Mode: Hybrid
Job Description:
You’ll be responsible for:
• Don’t take things for granted!!!
• Challenge and motivate teams on Risk and security
• Quality checks on ITRMP IT Risk evidence delivered by the teams and perform the FLM check (stage 8)
• Review (incl. approve/decline) the Operational Security Baseline delivered by the teams
• Lead Risk sessions and meetings for the tribe and participate in Business Impact Analysis (BIA), Detailed Risk Assessment (DRA)
• Advise/inform product teams (squads) according to the Information Risk Minimum Standard
• Keep the Risk Journeys (documentation and instructions for engineers) up to date
• Support teams in using tooling used within ING (such as Amyna, SDT, ITRMP, etc.)
• Assist and advise teams and management in iRisk/CAS Issues registered from (audits, ), Risk Events, Risk Acceptances, Management Identified Actions
• Monitor and follow up on registered risk items
• Be the contact person for 2nd Line of Defense (ORM/IRM and BISO SPOC CB&A
• Organize in the bi-weekly Risk Evaluation Meeting (REM) for respective IT area
• Support the tribe in creating and maintaining Business Continuity Plan (BCP)
Our expectations:
• A proven track record and proficiency in IT Risk (5 + years), containing but not limited to:
o Change Management
o Identity and Access Management
o Operational Resilience
o Platform Security
o Cyber Security CISSP, CISM or CISA or other IT risk related certifications holder is desirable)
• Analytical, precisely, tenacious and autonomous
• Strong social and communication skills and being a sparring partner for our business colleagues.
• Conceptional understanding of some technologies: Linux, Windows, containers and Azure DevOps
• Fluent English speaking and writing
