Head of Security Architecture & Strategy

We are seeking a senior leader to define and drive INGs global security architecture and multiyear security strategy. You will ensure security is designedin by default across platforms and transformations aligning with business objectives technology roadmaps and regulatory expectations. This role blends strategic leadership with architecture authority converting risk and threat insights into clear standards reference architectures and consumable patterns that scale across countries and domains.

The team
You will report hierarchically to the Global Chief Information Security Officer (CISO) and have a strong functional reporting line to the Global Head of Tech Strategy & Enterprise Architecture. As such you will be part of the Enterprise Architecture community collaborating with Chief/Domain Architects to embed security into enterprise and domain designs and to ensure coherent endtoend architectures.

Roles and responsibilities
In this role you will be accountable for the following core responsibilities which are essential to driving INGs security architecture and strategy in close alignment with enterprise architecture and business objectives:

Strategic leadership & roadmap

• Define and maintain a 35 year security strategy aligned with business strategy tech/data strategies threat landscape and regulatory expectations; translate into strategic pillars outcomes and milestones.
• Publish and socialize a security architecture roadmap that guides platform and program decisions across countries/domains.

Architecture direction & standards

• Set security architecture principles standards and reference architectures for cloud identity data applications APIs and infrastructure; ensure compatibility with enterprise architecture frameworks and models (e.g. TOGAF Archimate).
• Convert risk threat and regulatory requirements into actionable patterns and reusable building blocks for engineers and architects.

Design authority & governance

• Act as security design authority on behalf of the CISO: approve standards patterns and exceptions; embed security architecture in design/investment reviews and major programs to avoid late rework.
• Collaborate with Enterprise Architecture forums to ensure security is integrated from inception not retrofitted.

Collaboration & stakeholder management

• Partner with business leaders CIO domains risk/compliance data & engineering teams and vendors to balance risk cost and speed while meeting regulatory expectations.
• Represent Security Architecture in enterprise architecture and executive forums; provide clear timely guidance to unblock delivery.

Risk threat & regulatory alignment

• Integrate threat intel incident learnings resilience testing and audit/regulatory feedback into architecture direction and priorities. Support the CISO in supervisory engagements.

Leadership & capability building

• Build and lead a highperforming diverse team of security architects and strategists fostering technical intensity and architectural rigor. Mentor architects and engineering leaders to elevate security by design.

How to succeed
We hire smart people like you for your potential. Our biggest expectation is that youll stay curious. Keep learning. Take on return well back you to develop into an even more awesome version of yourself.

Experience

• 12 years in technology/security with senior security architecture leadership; experience in large complex regulated environments (financial services preferred).
• Demonstrated success advising executives influencing crossfunctionally and leading global architecture initiatives.

Technical expertise

• Security architecture: Identity & access data protection/privacy application/API security network/infrastructure security cloud/hybrid controls; translating risk & regulation into pragmatic designs.
• Enterprise architecture frameworks & tooling: TOGAF/Zachman (or equivalent) and modeling with Archimate; ability to align security architecture to enterprise reference models and capability maps.
• Cloud & platforms: Secure patterns for GCP/Azure/AWS containers service mesh zero trust secrets management key management and event streaming.
• Data & analytics awareness: Data lineage classification and governance patterns; enabling secure analytics/AI usecases in partnership with Data & Analytics architecture.

Competencies & skills

• Strategic vision & execution: Sets longterm direction and turns it into clear roadmaps/OKRs.
• Influence & communication: Explains complex risk/architecture topics simply to executives and engineers; manages conflicting priorities.
• People leadership: Builds capability coaches talent and cultivates a culture of craftsmanship and excellence.
• Change leadership: Drives adoption of standards and behaviors across a matrixed international organization.

Education & certifications

• Bachelors or Masters in Computer Science Information Security or related field.
• Relevant certifications are a plus: TOGAF SABSA CISSP CCSP CISM; and cloud provider security certifications.

Rewards and benefits
We want to make sure that its possible for you to strike the right balance between your career and your private life. Find out more about our employment conditions.

The benefits of working with us at ING include:

• 25-28 vacation days depending on contract
• Pension scheme
• 13th month salary
• 8% Holiday payment
• Hybrid working
• Personal growth and challenging work with endless possibilities
• An informal working environment with innovative colleagues

About us
Curious about how ING empowers people and businesses to move forward

Discover what we do and what we can offer you.

Questions
Contact the recruiter attached to the advertisement. Want to apply directly Please upload your CV and motivation letter by clicking the Apply button.