Senior IT Auditor

IT Security Audit Specialist

The opportunity

ING Corporate Services is looking for an IT Security Audit Specialist, who will conduct and coordinate the execution of technical IT audit activities. The IT Security Audit Specialist has strong technical expertise and experience in performing hands-on IT Security assessments, combined with excellent communication skills to strengthen its IT audit team for the area Global Tech Infrastructure and Cybersecurity.

Roles and responsibilities

As IT Security Audit Specialist you are the subject matter expert within the team for IT Security and technical IT audit topics and as such you:

• Coordinate and execute the IT Security assessments and technical IT audit work. These are performed as part of IT audit assignments;
• Supervise the technical audit work performed by other auditors on multiple assignments;
• Develop approach to audit and assess new technologies.

The team

Corporate Audit Services is ING’s internal audit department and consists of around 410 team members globally. As IT Security Audit Specialist you will be located in Amsterdam within the Global Tech Infrastructure and Cybersecurity team. This team consists of 5 members located in Amsterdam and is part of the CAS Audit Division IT.

You will work in a positive working atmosphere where people are used to an open communication style. Education and training is highly supported and innovation is stimulated.

How to succeed

• You have in-depth technical knowledge of IT Security aspects concerning IT components such as (but not limited to) networks, servers, operating systems, databases, web applications, APIs, virtualization platforms and public cloud platforms (e.g. MS Azure, Google Cloud, AWS).
• You have strong analytical skills to identify IT Security weaknesses, the ability to effectively communicate related business risks and recommend on the implementation of IT Security controls or risk mitigating actions.
• You are naturally proactive, critical and curious, you know how to ask the right questions and get the right information, even when you have to overcome resistance.
• You are a team player who enjoys working in an international team and able to work effectively under minimal supervision.
• You have the ability to share your knowledge and provide technical hands-on training to colleagues.

Furthermore, you adhere to the ING values and you are also prepared to take the Banker's Oath.

Skills required

• A bachelor, master degree or equivalent in the field of IT, IT Security or IT Audit;
• In possession of valid industry certifications such as CISSP or CISA.
• At least 3 years of experience in planning and executing IT Security assessments including ethical hacking and penetration testing on complex IT services, platforms, infrastructure and applications;
• Relevant working experience in an IT (cyber) security, IT Risk Management or IT Audit department;
• Experience with working in international and complex organizations, such as the financial services industry.
• Continuously staying up to date in the IT Security work field by for example attending trainings or conferences.
• Fluently in English. Dutch or other languages are also appreciated.
• Willing to travel abroad 3-4 weeks per year, depending on assignments

What we offer

This is a full-time position of 36 or 40 hours a week. ING Bank offers an attractive employee benefits package with excellent secondary labour conditions, that more than meet market conditions.