Lead Governance, IT Risk & Compliance

Descrizione del lavoro:

Lead Governance, IT Risk & Compliance - CISO team
ING Italys CISO team is looking for the Lead Governance, IT Risk & Compliance as part of the strengthening of the ING Italy's CISO team. It is a leadership role and the main purpose of the job is to take responsibility for the security governance, ensuring implementation & monitoring of IT Risk controls to deliver a safe, secure and compliant IT environment.
This role is responsible to ensure ING Italy regulatory compliance with respect to IT security requirements. The role leads the SoX controls coordination for IT , Key control testing coordination for ICT controls and ensure the third party cyber risk processes is embedded in the BAU of the teams.
This role leads the IT risk remediation within the entity which means working together with all stakeholders across the bank to meet the objective of being safe, secure and compliant.
The role takes part in various group, entity and asset level risk assessments to ensure that the IT risks are prudently identified and registered in the information risk register with the right ownership and action plan.
The role is a people manager role leading a team of smart information risk specialists level who work diligently to protect the bank.

Essential responsibilities:
- Extensive experience and specialist expertise in governing and managing information security activities
- Recognized expert in the field of information security governance risk and compliance, with demonstrable ability to act as a leading authority on information security, providing guidance on the governance and management of information security risks for major IT programs and strategic initiatives
- Proven track record of contributing to the strategic planning for information security in a complex environment and for developing and implementing organization-level policies, standards and guidance
- Ability to establish relationships and influence key stakeholders at all levels of the organization in order to build the reputation of Information Security and influence internal and external stakeholders to benefit the institution as a whole
- Demonstrable experience of managing a team of experts and managing relationships between teams and stakeholders across an organization in order to deliver an efficient and successful information security governance and remediations
- Demonstrable experience in developing and managing information security audit and assurance programs, including assessing the security of third parties
- Demonstrable experience in developing and managing information security training and awareness programs to a diverse range of stakeholders
- Demonstrable experience in setting the standards for, delivering and monitoring an information security service and for developing and managing information security reporting frameworks and dashboards
- Ability to proactively lead or create a network of internal and external stakeholders and interested parties, to challenge or lead thinking in information security governance risk and compliance
- Exhibit excellent analytical skills, the ability to manage multiple projects under strict timelines, as well as the ability to work well in a demanding, dynamic environment and meet overall objectives
- High level of personal integrity, as well as the ability to professionally handle confidential matters, and show an appropriate level of judgment and maturity
- Excellent written and oral communication skills, interpersonal and collaborative skills, and the ability to communicate information security and risk-related concepts to technical and non-technical audiences at all levels of the organization
- Master degree calibre with appropriate qualifications, such as CISM, CISSP
- Knowledge of common information security management/governance frameworks, such as ISO/IEC 27001, ITIL and COBIT

The type of person we are looking for:
- Inspiring, full of energy and passionate for IT- Risk & Controls
- Focused on working together, facilitating others within the area and its stakeholders to be successful
- You don't take things as granted and you are willing to challenge the status quo
- You have proven experience and knowledge of IT Risk & Controls and its related processes
- You have experience in the Agile Way of Work
- You are result driven and you think in possibilities
- You are constantly looking for improvements
- You are a self-starter and eager to learn and continuously develop yourself in the various Risk area

Working conditions: Full Time
Duration: Permanent
Location: Milan (hybrid)

About ING
ING offers many opportunities to build a diverse and rewarding career. You will be joining an international innovative digital bank, the first in Italy to adopt a fully flexible smart working model, and you will be working in a stimulating environment where you can grow both as an individual and as a professional. Our purpose - empowering people to stay a step ahead in life and in business - represents our belief in people's potential. We don't judge, coach or to tell people how to live their lives. We empower people and businesses to realize their own vision for a better future.
#doyourthing is our brand direction with us each and every day. It is how we articulate our purpose and our promise to make banking frictionless to the world.
'do your thing' is about people being free to live the life they want to live, knowing that they will make their world a little better for it.
Do you think you are "a step ahead"? Apply now!

The benefits of joining ING
In addition to being a part of a great team, working in a fun and innovative environment, we offer:
· Super flexible smart working
· Competitive base salaries and performance based bonuses
· Diverse cultures & Innovative mindsets
· International Environment
· Commitment to sustainability
· Lots of training development opportunities to help you grow
· Lots of moments dedicated to physical and mental well-being
· A special day off when it is your birthday: we call it #doyourbirthday!
· And of course we can't forget: free water & coffee at the office!

Our Commitment
Diversity is a fundamental element of our corporate culture, and we are fully committed to creating a safe and inclusive environment, based on mutual respect and the value of diversity, offering equal job opportunities to all qualified candidates.

Job Application Safety Reminder ⚠️
We're seeing an increase in fraudulent job offers. To protect yourself, please follow these key guidelines when applying for roles at ING:
· Apply only via official ING platforms: ING uses Workday as its internal recruitment system. Applications should be submitted only via our official career site.
· Check the sender's email carefully: legitimate communication will always come from: @ing.com and/or @myworkday.com
· No payments or banking details will ever be requested. If someone asks for this information, it's a scam.
If you suspect suspicious activity, report it immediately. Your safety matters to us