Head of IT Security

Key Responsibilities

IT Security Leadership

• Lead the local IT Security agenda covering infrastructure security endpoint security network security and identity & access management.
• Oversee vulnerability management patching governance and remediation tracking.
• Ensure security monitoring SIEM/SOC operations threat detection and incident response capabilities.
• Govern local incident response processes coordinate response with global CSIRT and ensure timely root cause analysis and corrective actions.
• Drive continuous improvement of local security engineering and operational controls.

Cybersecurity Governance Risk & Compliance

• Ensure governance of cybersecurity and IT security aligned with Global CISO directives and ING policies.
• Implement and maintain global standards security baselines and control frameworks.
• Monitor and ensure local adherence to regulatory obligations (e.g. DORA).
• Perform regular cyber and IT security risk assessments; provide expert advice to management and IT squads.
• Oversee policy implementation KRI tracking and executive reporting.

Audit & Regulatory Engagement

• Lead local preparation for internal/external audits related to cybersecurity and IT security.
• Coordinate regulatory examinations questionnaires and onsite inspections.
• Track remediation of audit or regulatory findings and ensure closure within required timelines.

IT Security Architecture & Standards

• Partner with architecture teams to ensure systems and changes comply with security standards.
• Provide expert guidance on secure design cloud security integration and platform hardening.
• Review and approve security exceptions and risk acceptances.

Stakeholder & CrossFunctional Engagement

• Act as the primary security authority for the local hub.
• Collaborate closely with IT Operations Workplace Services Engineering Risk Compliance Data Management and other Chapters.
• Represent the local hub in global security communities change boards and governance groups.

People Leadership & Chapter Management

• Lead the Local CISO Chapter: manage performance capability building succession planning and workforce strategy.
• Build a highperforming team with strong engineering and governance capabilities.
• Foster a culture of ownership continuous learning and innovation.
• Ensure chapter alignment with global ways of working .

Minimum Qualifications

• A degree in computer science information security engineering or related field.

• Minimum 8 years of experience in IT security cybersecurity risk management or IT operations in enterprise-scale environments.
• Strong understanding of infrastructure security: networking firewalls endpoint protection cloud security IAM vulnerability scanning SOC/SIEM intrusion detection.
• Deep knowledge of cybersecurity governance and frameworks such as ISO 27001 NIST CSF CIS Controls SOC NIS2.
• Experience implementing and governing complex IT security controls in financial or regulated environments.