Information about the position
Job description, responsibilities and duties
We are looking for an IT Risk advisor to complement the Information Risk Management (IRM) team of ING Business Shared Services (IBSS) center in Bratislava. As a strategic partner of the global ING Bank, IBSS is delivering key services to Bank’s clients which are branches and subsidiaries.
As IT Risk advisor you will contribute to the programs, projects and safe run of the ING organization within the Non Financial Risk (NFR) and specifically Information Risk Management (Information (Technology) Risk and Continuity Risks mainly).
You will challenge, advise and support the identification, analysis and mitigation by first line of defense/business of non financial risks to maintain the acceptable levels which are proportionate to its value and criticality.
You will raise the NFR awareness throughout units of our internal business partners and check that the first line of defense/business is complying with the risk appetite and escalate where necessary. You will closely cooperate with colleagues in other countries of ING´s presence and with Corporate Information Risk management domain located in Amsterdam.
As an IT Risk Advisor your role is to:
Execute 2nd Line of Defense Risk management
Challenge risk management execution and control processes and take corrective actions if necessary (escalation). Coordinate the reporting of risks and controls by the first line of defense (business) regarding designated business processes.
Information and Business Advice
Provide specialist advice on the interpretation and applicability of policies and procedures, resolve queries and issues and refer complex issues towards internal business partners related to information security.
Contribute to execution of various Business Impact Assessments, Risk Assessments or detailed IT Risk Assessments
Participate in Projects and Program Risks and Issues Management
Identify and evaluate risks, issues, dependencies, and constraints associated with the projects and within business as usual situation, escalate where appropriate. Where necessary, contribute to developing, agree on, and participate on implementation of solutions to overcome these.
Challenge the first line of defense and periodically report upon the risks related to Information (Technology) Risks and Continuity Risks.
Perform specific second line reviews (e.g. spot checks – reviewing the implementation and effectiveness of IT controls for (Business) applications and relevant entity controls
Contribute to the development and maintenance of a risk awareness related to your scope within the organization
Execute Second Line Monitoring activities (review and challenge) within Key Control Testing and Quality Assurance activities related to IT assets
• You are energetic, self-motivated professional who already possesses relevant skills and is eager to learn and develop further
• You are focused, self-driven and result oriented with ability to think structurally and analytically – both in broad sense but also with attention to detail
• You have sound judgement and can defend your opinion
• You have a track record in IT, IRM or IT (security) area
• You are the advisor, who can provide risk management activities related to business applications, IT processes, databases and infrastructure to support and challenge the work of others
• You possess collaboration skills and ability to work across domains and geographies
• You can be firm when needed and flexible where possible. You know how to earn trust and respect of both colleagues and management
You are fluent in English, both written and spoken
• You want to work with teammates, global stakeholders, (internal) business partners and various corporate departments
Employee perks, benefits
• Life events (marriage/partnership, child birth/adoption, work anniversary)
• 3rd pillar retirement saving
• Life insurance
• Salary compensation during illness leave (PN)
• Performance based annual bonus
• Cafeteria benefit
• Extra holiday days
• Fresh fruit at the workplace
• Company events
• Referral bonus, etc.
Information about the selection process
Please, send us your CV in English via email below. Please note, that we will reply only to selected candidates. Thank you for your understanding.
Requirements for the employee
Candidates with education suit the position
University education (Bachelor's degree)
University education (Master's degree)
IT, IT Security
English - Advanced (C1)
Number of years of experience
Personality requirements and skills
• Previous experience in IT Risk management, IT Security or IT audit (financial institutions are plus)
• IT education oriented (on security is a plus)
• Knowledge of IT and IT Security related methodologies and frameworks (COBIT, ISO2700x, etc.) is preferred
• International certifications for Information (Technology) Risk Management (e.g. ISC2, ISACA accreditations) are considered as advantage
Brief description of the company
ING is a global financial institution of Dutch origin offering banking and asset management to over 60 million private, corporate and institutional clients over 50 countries. With a diverse workforce of over 50,000 people, ING comprises a broad spectrum of prominent companies that increasingly serve their clients under the ING brand.
Number of employees