Job Description

The Team

The Cybersecurity Risk Specialist provides expert analysis and oversight in cybersecurity risk, supporting the identification, measurement, and mitigation of risks arising from technologies, processes, and potential attacks. The Cybersecurity Risk Specialist ensures alignment with regulatory requirements, challenges the effectiveness of controls, and advises the CISO NL and Tech NL IT leadership on risk exposure and mitigation strategies.

Roles and Responsibilities

• Analyse security events, incidents, and threats.
• Monitor and challenge the implementation of controls, remediation plans, and risk acceptances.
• Perform independent cybersecurity risk assessments and control-effectiveness reviews, and provide clear, actionable advice to CISO NL and Tech NL IT leadership.
• Advise CISO NL and Tech NL IT leadership on cyber risk exposure and mitigation strategies.
• Stay up to date with emerging threats, attacks, regulatory developments, and industry best practices.
• Own and evolve cybersecurity requirements for IAM, SDR, VM, and secure AI within Tech NL.
• Translate policies and standards into implementable risk journeys and guardrails (patterns, configuration baselines, control tests) that IT domains can adopt.
• Contribute to knowledge building by sharing best practices, coaching colleagues, and keeping abreast of emerging threats and regulations.

How to succeed
We hire smart people like you for your potential. Our biggest expectation is that you’ll stay curious. Keep learning. Take on responsibility. In return, we’ll back you to develop into an even more awesome version of yourself.

• A university degree (Bachelor’s) or postgraduate (Master’s) degree in computer science or a comparable education.
• 7+ years of experience in cyber risk management roles, ideally in a CISO department or 2nd line (2LoD).
• Strong understanding of cybersecurity, threats, attack methods, and techniques.
• Strong analytical skills with the ability to translate technical findings into clear risk statements and pragmatic recommendations.
• Expertise in infrastructure, cryptography, cloud, platforms, and business applications.
• Strong skills in Security Detection & Response, Vulnerability Management, Network Security, and secure AI.
• Solid expertise in Identity and Access Management and IT resilience.
• Solid understanding of relevant regulations (e.g., DORA, EBA).
• Experience with AI/ML applications in security and risk domains.
• Certifications such as CISSP, CISM, CRISC, or CISA are preferred.
• Good judgment and decision-making.
• Stakeholder management skills.
• People management and coaching skills.
• Strong critical thinking skills.
• Strong communication skills.
• Project management and reporting skills.
• Strong consulting, negotiation, and presentation skills.
• Fluent English (spoken and written) is required.
• Dutch language skills are preferred.

Rewards and benefits
We want to make sure that it’s possible for you to strike the right balance between your career and your private life. Find out more about our employment conditions.

The benefits of working with us at ING include:

• 25-28 vacation days depending on contract
• Pension scheme
• 13th month salary
• 8% Holiday payment
• Hybrid working
• Personal growth and challenging work with endless possibilities
• An informal working environment with innovative colleagues

About us
Curious about how ING empowers people and businesses to move forward?

Discover what we do and what we can offer you

Questions?
Please visit our Frequently Asked Questions section to find some answers on questions you might have.

Contact the recruiter attached to the advertisement. Want to apply directly? Please upload your CV and motivation letter by clicking the ‘Apply’ button.