Job Description

ING Hubs Philippines (ING Hubs PH) is an international part of the ING organization delivering services to many Business Units across the world for both Wholesale Banking and Retail Banking activities. Working for ING Hubs PH means working with the most diverse workforce and where no challenge is the same.

At ING our purpose is to empower people to stay a step ahead in life and business. We believe that sustainable progress is driven by people with the imagination and determination to make a better future for themselves and those around them.

ING is changing what banking is. For you, that means plenty of opportunities for personal growth in a continuously evolving environment. If this is the environment you thrive in, then apply and join us in changing the future of banking!

Information Security Officer, WB CISO Asia

WB CISO is looking to expand the WB CISO Asia Office with an experienced Information Security Manager to steer the overall information security management for all ING entities in the WB Asia region.

The Information Security Officer drives region-wide information security change for all of WB Asia’s entities, and focuses on the rollout of information security policies, standards and new security capabilities, coordination and oversight of global change initiatives, cyber scenario analysis and business advisory, regulatory change management on cybersecurity topics, third party cyber risk management, and training and awareness.

The team

The WB CISO Asia Office is staffed out of ING Hubs Philippines and is functionally part of the Global WB CISO organization which has the domain-wide accountability for cybersecurity and IT risk management throughout all Wholesale Banking entities worldwide in the first line of defense (1LoD). The global WB CISO team is physically located in different parts of the world and consists of capability leads and subject matter experts in a variety of areas such as Attack Surface Management, Security Detection & Response, IT & Cyber Risk Management, and Identity & Access Management.

Roles and responsibilities

While the day-to-day activities change continuously, the Information Security Officer will typically:

• Oversee and manage local planning, execution, and monitoring of WB CISO changes initiatives, ensuring alignment with the Global CISO and WB Tech Strategy.
• As a Subject Matter Expert, you will be involve seamlessly integrating WB CISO deliverables into WB Asia's business operations. This includes ensuring alignment with various processes such as sourcing, procurement, data protection, operational resilience, and non-financial risk management
• Determine impact of security threats for the WB Asia region, translate these in practical measures and monitor the implementation throughout the region.
• Act as a subject matter expert offering security advice and consultancy to WB Asia's business management. And proactively engage in local business projects, ensuring that security requirements are effectively integrated into the project process
• Contribute to the planning of and/or execute cyber scenario analyses together with WB business and other security teams and oversee and monitor red teaming activities.
• Manage regulatory changes related to cybersecurity topics through performance of review or assessment of the topic and serve as a point of contact for WB CISO during (regulatory) audits.
• Support WB Asia's business management with their third-party cyber risk management obligations. This support includes but is not limited to assisting Contract Owners assess vendors on the actual risk they present, streamlining TPCRM processes, and helping ensure contractual incorporation of ING’s TPCRM requirements.

How to succeed

We hire smart people like you for your potential. Our biggest expectation is that you’ll stay curious. Keep learning. Take on responsibility. In return, we will back you to develop into an even more formidable version of yourself.

The ideal candidate possesses the following skills and competences, but do not hesitate to apply in case you do not tick all boxes yet:

• Demonstrated proficiency in cybersecurity and/or IT risk management topics, ranging from Attack Surface Management, Security Detection & Response, IT & Cyber Risk Management, and Identity & Access Management.
• Strong analytical and critical thinking skills, with the ability to translate complex cybersecurity and IT risk management concepts into tangible solutions and actions.
• Excellent communication and people skills, including the ability to convey technical concepts to non-technical stakeholders.
• Ability to build partnerships and work collaboratively with a wide range of stakeholders to meet shared objectives, while gaining the support and commitment of others.
• Holds the ING Orange Code in high regard and applies a variety of Orange Behaviors to deliver tangible results.