IT Security Engineer ING Hubs Romania

Discover ING Hubs Romania

ING Hubs Romania offers 130 services in software development data management non-financial risk & compliance audit and retail operations to 24 ING units worldwide with the help ofover2000 high-performing engineers risk and operations professionals.

We started out in 2015 as INGs software development hub then steadily expanded our range to include more services and we provide borderless services with bank-wide capabilities andoperatefrom two locations: Bucharest and Cluj-Napoca.

Our tech capabilitiesremainthe core of our business with more than 1800 colleagues active in Dataand AnalyticsTechTech Foundation andChannelsRetail Core Banking and Architecture andGlobal Products and Technology Services.

We enjoy a flexible way of working and a highly collaborative environment where fair and constructive feedback is encouraged.

For us driver of our are guided and rewarded by a shared desire to make the world a better place one innovative solution at a time. Our colleagues make it their job to do impactfulthingsand they love doing it in good company. Do you

The Mission

As an IT Security Engineer you help strengthen INGs security posture by guiding product teams in secure design threat mitigation vulnerability remediation penetration test readiness and regulatory compliance. You will be part of a new Security engineering Services multinational team (Romania & Netherlands). Together we act as one Center of Excellence (COE) combining deep expertise in (1) Infrastructure & network security (2) DevSecOps & Application security and (3) Data & Analytics & AI/ML security.

Your day to day:

While each team member brings a strong general security foundation we do not expect everyone to master all three niches. Every engineer contributes broadly across security engineering with one clear defined area of specialization where they provide deep expertise. The overarching roles & responsibilities are;

• Provide hands-on guidance to ensure teams design and build secure resilient and compliant systems by default.
• Conduct security assessments (infrastructure application data ML/AI) and support teams in remediation.
• Translate security standards into practical developer-friendly best practices.
• Partner with software engineers SREs data engineers and platform teams to embed security into the full lifecycle of applications systems and platforms.
• Act as a subject matter expert in IT security providing proactive guidance coaching and support to engineering teams.
• Assess emerging technologies modern engineering patterns and security threats and communicate their impact in clear actionable guidance.
• Contribute to security communities of practice knowledge-sharing sessions and initiatives that uplift the overall security maturity.
• Support risk assessments threat modeling blue/red teaming security testing and design reviews to ensure solutions are secure and compliant by default.
• Contribute to the automation and continuous improvement of security engineering processes (reducing toil).

What youll bring to the team:

How to succeed - Foundational (applies to all team members)

All engineers in the IT Security Service Team are expected to bring a solid security engineering foundation regardless of their specialisation.

• Core Requirements (for every engineer): Strong IT experience using technologies such as Azure pipelines Kubernetes Virtual Machines (Linux/Windows) Database solutions (e.g Oracle/MSSQL/Cassandra) application / API development;
• Strong understanding of general IT security concepts (secure design threat modelling vulnerability management);
• Track record in security assessments reporting and supporting remediation activities;
• Ability to explain complex security topics in a clear and pragmatic way;
• Strong problem-solving analytical thinking and stakeholder collaboration skills;
• Can-do mentality entrepreneurial to help building a new team.

Baseline Certifications (nice to have):

• Certified Information Systems Security Professional Advanced certification for security architecture and governance;
• Certified Information Security Manager Emphasises risk management and compliance;
• Certified Cloud Security Professional Specialises in securing cloud environments;
• Any cloud associate certification (AWS Azure GCP).

Niche-Specific Requirements:

1. Infrastructure & Network Security Specialist

Skills:

• Strong understanding of networking (TCP/IP routing segmentation DNS firewalls).
• Experience with OS hardening (Linux/Windows) and secure infrastructure configuration.
• Knowledge of vulnerability scanning and remediation workflows (Qualys Nessus Rapid7).
• Familiarity with cloud infrastructure and platform security (AWS/Azure/GCP foundations).

2. DevSecOps & Application/API Security Specialist

Skills:

• Knowledge of secure development practices and OWASP ASVS/Top 10;
• Experience with SAST SCA DAST and IaC scanning tools in CI/CD pipelines;
• Ability to perform secure code reviews and API security assessments;
• Understanding of container security (Docker Kubernetes) and automation in DevOps workflows.

Preferred Certifications:

• OSCP;
• Cloud or DevOps Professional certification (AWS Azure GCP).

3. Data & Analytics Machine Learning & AI Security Specialist

Skills:

• Experience securing data pipelines ETL/ELT and analytics environments (Spark Databricks);
• Knowledge of ML model lifecycle MLOps tooling (MLflow SageMaker Vertex AI);
• Understanding of adversarial ML model poisoning prompt injection and AI threat models;
• Familiarity with AI governance and responsible AI frameworks (EU AI Act NIST AI RMF).

Preferred Certifications:

• Google Professional Machine Learning Engineer;
• AWS Machine Learning Specialty;
• Microsoft Azure AI Engineer Associate;
• ISACA CDPSE (Data Privacy);
• Exposure to MITRE ATLAS / adversarial ML tools (valued but not mandatory).

If you want to deep dive into the processing of personal data conducted by ING Hubs Romania during the recruitment process and your rights related to it read theprivacy noticeson ourwebsite(make sure to scroll until you reach the Data Protection section/ Candidates tab).