Information Risk Management Specialist (Temporary)

ING Bank

• Bachelor’s Degree in a local or foreign university with curriculum in English
• Advanced knowledge of key information risk management and security related standards including ISO 2700x series, PCI-DSS, COBIT, EU Data Security and Privacy Acts and NIST standards.
• Holding at least one of preferred industry certifications (CISA, CISM, CISSP, CEH, ISO27001 LA, ITIL)
• Strong program and engagement management skills
• Passion for impact and learning
• Fluent in English and Turkish (knowledge of Dutch is considered a plus)
• Exceptional interpersonal and communication skills, problem-solving skills, presentation skills
• Banking & Finance industry and systems knowledge and experience is an asset as well as experience in international teams
• Knowledge of Enterprise Risk Management concepts and techniques and successful track record of effectively working with functions and organizations associated with them.
• 5+ years providing information risk management and security solutions both business and technology audiences in high technology and/or financial services organizations.
• 2+ years experience in Information Risk Management and Security
• Strong background in providing information risk management and security consulting services to both business and technology audiences within high technology organizations.
• Male candidates are required to have completed their military service or postponed at least for 2 years

İŞ TANIMI

• Provide advisory on information risk management and security to ING Bank Turkey business lines and IT units
• Provide advisory on leading industry practices for secure deployments, security architecture, and integration with IRM control frameworks.
• Facilitate risk assessments and gap analysis with regards to local regulations and ING standards.
• Develop trusted advisor relationships on information risk management and security with key Conduct architecture review, threat analysis, vulnerability assessment, exception review and likewise as a second line of defense function in ING Bank Turkey.
• Advise teams supporting computer security incident response activities related to intrusion detection monitoring, scanning, cyber threat reporting, and development/implementation of vulnerability mitigation strategies.
• Assist in the development of specifications and requirements for complex computer network security and relevant technical infrastructures.
• Establishing key control tests and independent execution.
• Assist Head of IRM in day to day management of IRM tasks.

• Certified Information Systems Security Professional (CISSP)
• Certified in Risk and Information Security Controls (CRISC)
• Certified Information Systems Auditor (CISA)
• Certified Information Security Manager (CISM)
• ISO27001 Lead Auditor (LA)
• Certified Ethical Hacker (CEH)
• Information Technologies Infrastructure Library (ITIL)