Descripción de la oferta
At ING Hubs Spain we are looking for a IT Risk Expert
We’re looking for a talented and enthusiastic IT Risk Expert (second line of defense role) to join our ING Hubs Spain Team.
As an IT Risk Expert, you will sit at the intersection of technology, regulation, and business strategy – helping ING manage information and technology risks at scale across multiple countries. This is not a checkbox compliance role. You will advise senior stakeholders, shape risk decisions, and influence how technology risk is managed across ING.
Your Impact
You will be part of the international Information Risk Management (IRM) team, supporting ING entities across Europe and the Global Information & Technology Risk department. Your work directly strengthens ING’s resilience, security posture and regulatory readiness.
Act as a trusted IT Risk advisor to IT leaders and business management
Translate complex technology risks into clear, actionable insights for decision‑makers
Influence how ING designs and operates its Information & Technology Risk framework
Your Key Responsibilities
Provide hands‑on Information Risk Management (IRM) support to local and global IRM officers and IT stakeholders
Perform risk analyses, risk papers, and executive‑level reporting (strategic and ad‑hoc)
Challenge, review, and improve risk controls through QA reviews and oversight activities
Participate in, challenge, and periodically report upon the IT risks of key strategic ING programs and projects
Monitor external/internal developments (regulatory, technological, threat landscape), assess their impact on ING and translate these pro‑actively into IRM mission, vision and strategy
Support the IRM Leadership (Local, Global and Hubs Leads) with research, fact‑finding, collecting evidence and risk assessments
Contribute to the development and maintenance of ITR frameworks, standards, procedures, and methodologies
Support regulatory interactions and follow‑ups (e.g. ECB, audits, regulatory change initiatives)
Help design and deliver training and awareness for Non‑Financial Risk colleagues
What are we looking for?
We are looking for someone who is confident, analytical, and comfortable challenging the status quo.
Solid experience in Information/IT Risk Management/Cyber Security, IT Governance, or Technology Risk
Deep understanding of IT security, risk management processes, Availability, Integrity, and Confidentiality of information and systems
Experience advising stakeholders on complex risk topics
Strong analytical and writing skills – you can turn complexity into clarity
Knowledge of GRC frameworks and compliance standards (ISO/IEC 27001, NIST CSF, NIS2, SOC ½)
A proactive mindset: you don’t just identify risks; you help solve them
The confidence to challenge risk decisions constructively – you can deal with and advise on complex matters that concern senior management of ING Bank and its branches
Proven stakeholder management and engagement skills
Good presentation skills
You will get extra points for:
Certifications such as CISM, CRISC, CISA or equivalent
Data analytics and PowerBI skills are a plus
Experience with DORA, EU AI Act
Benefits
Flexible remuneration model and additional services (nursery, transport card, training aids)
Transport allowance
Pension plan after 1 month
Health insurance for you and your family
Life insurance
Restaurant card
#J-18808-Ljbffr
