SENIOR SECURITY EXPERT/ PRODUCT MANAGER

ING Bank

• Active industry certification(s) preferred (such as CISSP, CISA, CISM, CEH, SANS – GSEC, GCIH, etc).
• Application Security Vulnerabilities such as OWASP Top 10, CWE/SANS Top 25 and remediation approaches.
• Knowledge of Malware analyses, Penetration testing, Vulnerability Scanning
• Forensic analyses expertise

• Bachelor’s Degree preferably in Computer Science, or Cyber Security, or Information Technology or a minimum of 7 years’ experience in Information Technology and Security Architecture
• Minimum of 5 years of Information Technology experience in  core domains of IT Infrastructure such as Data Networks, Server and Desktop hardware and Operating Systems, Messaging, Collaboration, Storage and Backups, and related monitoring and management systems
• The candidate will have a strong background within information security and security engineering, with hands-on experience of a diverse range of security technologies that include: multivendor stateful, non-stateful, and application firewalls, HIDS, NIDS/NIPS, Wireless, NAC, SSL and IPSEC VPN’s, DLP, SIEM, PKI/Strong Authentication, database technologies, load balancing, encryption technologies, mobility security, end user computing security, cloud security, Network security, and OS vulnerability scanning tools and management
• Full-stack knowledge of web and network applications, SDLC Process, Continuous integration, static analysis with Fortify and/or dynamic scanning tools (WebInspect, Appscan)
•  Solid knowledge of TCP/IP, OSI, Operating Systems (Windows, Linux/Unix), Package filtering Intrusion detection. Network/OS Background is important for this job
•  Defense in depth security models and security management practices
• Assessment tools, technologies and methods
• Designing secure network, systems and application architectures
• Fluent in English
• Completed military service obligations

İŞ TANIMI

• Maintains security by monitoring and ensuring compliance to standards, policies, and procedures; conducting incident response analyses; developing and conducting training programs
• Updates job knowledge by tracking and understanding emerging security practices and standards; participating in educational opportunities; Understanding processes and Security models
• Plans security systems by evaluating network and security technologies; developing requirements for local area networks (LANs), wide area networks (WANs), virtual private networks (VPNs), routers, firewalls, and related security and network devices; designs public key infrastructures (PKIs), including use of certification authorities (CAs) and digital signatures as well as hardware and software; adhering to industry standards
• Assists with Risk department, internal/external audits, Enterprise Architecture and Infrastructure Architecture; maintains strong working relationships with these groups
• Assesment, Lead and consultancy to Infrastructure and development teams regarding to Security Best practices