Join our security architecture team and work with vendor and supplier management for security aspects, including contract negotiations. You will enforce of security measures within the contract and on-site/off-site audits according to DORA audit requirements. In this position you will research and apply innovative security architecture solutions to new or existing problems and justify and communicate design decisions.
responsibilities :
interacting with senior stakeholders up to an organisational or inter-organisational level
reaching and influencing a wide range of people across larger teams and communities
researching and applying innovative security architecture solutions to new or existing problems and being able to justify and communicate design decisions
working on projects with high strategic impact, understanding the impact of decisions, balancing requirements and deciding between approaches
producing particular patterns supporting secure and resilient solutions and supporting quality assurance
leading the technical design of systems and services
vendor/supplier management for security aspects, including contract negotiations, enforcement of security measures within the contract and on-site/off-site audits according to DORA audit requirements
requirements-expected :
demonstrated understanding of Cybersecurity domains: risk management, IT asset security, security architecture and engineering
knowledge of modern security architectures for both cloud and on-premise deployments
good understanding of current IT security frameworks and standards
knowledge of current regulations and their finance-sector specifics is a must (DORA, PCI-DSS, Recommendation D, UKNF communication on information processing using public or hybrid cloud, UKSC, RODO/GDPR)
understanding of both symmetrical and asymmetrical cryptography
hands-on experience with public cloud providers, preferably Microsoft Azure and Google Cloud Platform and their built-in security measures
excellent communication skills (ability to translate business requirements into IT product, presenting ITSec solutions during IT Architecture Boards, explain complex technical aspects to non-technical audience etc.)
experience in internal cybersecurity reviews (whitebox methodology) at infrastructure, application and process level
hands-on experience in vendor/supplier management for security aspects, including contract negotiations, enforcement of security measures within the contract and on-site/off-site audits
required mobility for security assessments of service providers/suppliers
understanding of Data Center security aspects (valued knowledge of security standards like: TIA 942-B Tier 3 standard or [PN-EN 50600 - Data centre facilities and infrastructures or other appropriate standard with similar requirements)
fluent English & Polish languages skills (at least C1 equivalent)
offered :
We invest in development - we offer co-financing for training and courses as well as access to educational platforms: Udemy Business, eTutor, and an internal e-learning platform. We also offer development internships and consultations with career advisors.
We care about health and safety - we offer a medical package and life insurance for you and your loved ones, access to the Mindgram platform with individual consultations with specialists and webinars. While working at ING, you have the opportunity to join the Employee Pension Program and the Oncological Prevention Program.
In practice, work life balance means additional days off: "family day" (its up to you how you use it), days off in the form of rewards and free hours for volunteering or health prevention.
For parents, we have additional days of maternity and paternity leave and days off for child care, regardless of the limit used by the other parent.
By joining us, you decide to work in a stable organization focused on comfortable working conditions with a Top Employer certificate. The future is our joint investment - together with ING you can get involved in any initiative supporting ESG and social responsibility.
You decide what equipment you work with. We provide each employee with the necessary equipment for work, but if you want to work on a laptop or smartphone of your choice, which you will also use for your private purposes, we provide such an opportunity. We offer a refund and discount program on selected purchases.
We celebrate together and get to know each other during team trips, family and sports events, such as Childrens Day, Run Warsaw or sports tournaments.
Green office spaces for work and meetings, as well as places to relax - all at your disposal.
benefits :
sharing the costs of sports activities
private medical care
sharing the costs of professional training & courses