IT Security Specialist (Corporate Audit Services)

Last updated an hour ago
Location:Sydney
Job Type:Full Time

At ING we are not an average bank and we are looking for a passionate creative individual who can make an impact on how we keep our customer data secure.

We are looking for an IT Security Specialist who can come up with creative ways to test the efficacy of technical security controls across ING Australia operations.

This role is part of the global corporate audit services team, where you will have colleagues with varying technology backgrounds and access to a wealth of technical knowledge. As part of your role you will be responsible for supporting and performing technology specific audit assignments wherein you will assess if technical controls implemented to protect the confidentiality, integrity and availability of systems and data are designed in line with ING and industry standards and best practices; and whether these controls are effective in preventing a malicious individual from causing harm to ING and its customers.

There is the potential to assist ING teams in other countries with their engagements and thereby build a truly global network and understanding of the bank.

You will also help to create and promote a positive working relationship across all facets of the ING business by identifying and negotiating the implementation of clear, robust and effective controls that address any technical risk / control deficiencies.

Your communication skills as well as stakeholder management capabilities are fundamental requirements for this varied role, and an ability to prioritize workload and manage expectations under pressure will be essential to your success.

To complement our team, you will have the ability to work collaboratively, be exceptionally self-motivated, detail-oriented, and passionate about technology and have a hunger for continuous improvement.

What are you going to do? You’ll be:

  • Understanding the technology landscape at ING Australia and identifying where potential risks to confidentiality, integrity and availability could exist, and developing creative approaches to test technical controls.

  • Assisting in planning and executing technology specific audits identified from the Annual Audit Plan including timeframes, resources, methodology and relevant technologies/tools used.

  • Engaging with key IT stakeholders (management) to understand the security risks and the technical controls in place to mitigate those risks.

  • Analysing technical information provided by management and performing detailed risk assessments to determine the approach to testing.

  • Formulating detailed test plans and determining the artefacts and evidence required from management to assess control design and control effectiveness.

  • Analysing evidence against test plans/test objectives and concluding whether technical controls are adequate or if there are gaps resulting in observations.

What are we looking for? Someone who has:

  • 2-5 years post qualification experience in a cyber-security and/or IT infrastructure type role.

  • Strong understanding of Information Technology specific risk and controls frameworks and standards (for e.g. NIST CSF, ISO 27002, PCI DSS, CPG 234).

  • Familiar with vulnerability assessments, penetration testing, red team/blue team techniques, security logging and monitoring concepts.

  • Practical experience with any of the following Windows Active Directory Infrastructure, Virtualisation Technologies, Private/Public Cloud Infrastructure, Switch/Router/Firewall Configuration, Development Processes.

  • Some understanding of risks and controls applicable to financial services organisation.

  • Advanced skills in MS Excel and other MS Office Applications (Powerpoint, Visio, Word)

  • Relationship building, negotiation and influencing skills.

  • Excellent written and verbal communication

  • Excellent interpersonal skills

  • Strong analytical skills

Preferable/Desired Skills:

  • Some experience with scripting/coding.

About us

At ING, we want to make life simpler and more worthwhile – for everyone who banks with us, for the people who work with us, and the community at large, too.

When you come to work at ING, you’re joining a team where individuality isn’t just accepted, it’s encouraged. We’ve built a culture that’s fun, friendly and supportive – it’s the kind of place where you can be yourself and make the most of whatever you have to offer.

We give people the freedom to take risks, think differently, take ownership of their work, and make great things happen. We’re here to help you get ahead. And with our global network, there’s plenty of scope to take your career in new directions, perhaps even ones you’ve never considered.

People of all ages, sexual orientations, cultures and backgrounds are welcome to apply – likewise if you’re an indigenous Australian, or you’re living with a disability, or you have family or caring responsibilities.

Sound like the kind of place you’d feel at home? We’d love to hear from you.

(One last thing, ING operates a direct talent sourcing model. So no agency introductions, please.)