Lead Governance, IT Risk & Compliance

Lead Governance, IT Risk & Compliance – CISO team

ING Italys CISO team is looking for a Lead Governance, IT Risk & Compliance to strengthen the CISO team. The main purpose of the role is to take responsibility for security governance, ensuring implementation and monitoring of IT risk controls to deliver a safe, secure and compliant IT environment.

The role ensures ING Italy regulatory compliance with respect to IT security requirements. It leads SoX controls coordination for IT, key control testing coordination for ICT controls, and ensures third‑party cyber risk processes are embedded in the BAU of the teams.

The role leads the IT risk remediation within the entity, working with all stakeholders across the bank to achieve safety, security and compliance. It participates in various group, entity and asset level risk assessments to ensure IT risks are prudently identified, registered in the information risk register, and managed with ownership and action plans.

As a people manager, the role leads a team of information risk specialists dedicated to protecting the bank.

Essential responsibilities

• Extensive experience and specialist expertise in governing and managing information security activities
• Recognized expert in information security governance, risk and compliance, with demonstrable ability to act as a leading authority and guide the governance and management of information security risks for major IT programs and strategic initiatives
• Proven track record of contributing to strategic planning for information security in a complex environment and developing and implementing organization‑level policies, standards and guidance
• Ability to establish relationships and influence key stakeholders at all levels of the organization to build the reputation of Information Security and influence internal and external stakeholders
• Demonstrable experience managing a team of experts and coordinating relationships between teams and stakeholders across an organization to deliver efficient and successful information security governance and remediations
• Experience in developing and managing information security audit and assurance programs, including assessing the security of third parties
• Experience in developing and managing information security training and awareness programs for diverse stakeholders
• Experience in setting the standards for, delivering and monitoring an information security service and developing and managing information security reporting frameworks and dashboards
• Ability to proactively lead or create a network of internal and external stakeholders and interested parties, to challenge or lead thinking in information security governance, risk and compliance
• Excellent analytical skills, ability to manage multiple projects under strict timelines, and ability to work well in a demanding, dynamic environment and meet overall objectives
• High level of personal integrity, professional handling of confidential matters, and appropriate judgment and maturity
• Excellent written and oral communication skills, interpersonal and collaborative skills, and ability to communicate information security and risk‑related concepts to technical and non‑technical audiences at all levels of the organization
• Master’s degree or equivalent with appropriate qualifications such as CISM, CISSP
• Knowledge of common information security management/governance frameworks such as ISO/IEC 27001, ITIL and COBIT

The type of person we are looking for

• Inspiring, energetic and passionate for IT‑Risk & Controls
• Focused on working together, facilitating others within the area and its stakeholders to be successful
• Willing to challenge the status‑quo and not take things as granted
• Proven experience and knowledge of IT Risk & Controls and related processes
• Experience in Agile Work methods
• Result‑driven and thinks in possibilities
• Constantly looking for improvements
• Self‑starter eager to learn and continuously develop in the various risk areas

Working conditions: Full Time

Duration: Permanent

Location: Milan (hybrid)

Benefits of joining ING

• Super flexible smart working
• Competitive base salaries and performance‑based bonuses
• Diverse cultures & innovative mindsets
• International environment
• Commitment to sustainability
• Lots of training and development opportunities to help you grow
• Moments dedicated to physical and mental well‑being
• A special day off on your birthday
• Free water & coffee at the office

#J-18808-Ljbffr