In ING we take a integrated approach when it comes to security. We have an integral concept of the security process with the cyber and physical security squads working in the same team sharing the same goal: keeping the back safe and secure. We are looking for a threat hunter who finds himself comfortable in both the cyber and physical realms.
Your key responsibilities:
- Perform analysis of threat actors for further enhancement of detection catalog and hunt missions by leveraging the MITRE ATT&CK framework.
- Review the available Intelligence sources (both local and global, covering physical and logical security) and transform those reports into actionable improvement proposals.
- Conduct manual and automated tests to identify potential security threats in ING assets, both internal and external. The main processes managed by this role will be:
- Threat hunting
- Incident management
- Vulnerability assessment and penetration testing
- OSINT investigations
- Physical security tests
- Investigating attacker TTPs for improving the Security Event Monitoring internal process
- Internal monitoring of attacks and intrusions
- Hunting of fake mobile applications and banking malware.
- Finding the best way to secure the IT infrastructure of an organization
- Fraud assessment on presential channels (branches)
- Lead / assist consultancy, and large / complex, customer programs
- Provide technical support in own area of expertise to cross-discipline team
- Problem resolution
- Project Management
- Support cross-discipline delivery across core programs / projects
- Conduct periodic scheduled tests to assess the security of systems and processes
- Conduct proactive reviews on the ING environment to identify security gaps
- Monitor latest industry threat hunting standards, analyze impact, and work with teams to mitigate risks.
- Continuous analysis of ING’s threat landscape based on intelligence sources and propose mitigations
- Manage law enforcement/court requirements and channel them to the appropriate teams.
- Collaborate with all the stakeholders to assess the business impact of the technical risks identified.
What are we looking for?
- Computer Science/Telco Engineer (preferred)
- Criminology degree with strong IT background
- At least minimum 3 years of experience.
- Experience in risk advisory services with a focus in information security, cybersecurity and information technology risk management.
- High level of English.
- Ability to work with an international environment.
- Knowledge in the financial sector is a plus.
- Knowledge of the cybersecurity, OSINT and hunting tools.
- Ability to multi-task, self-direct, manage deadlines and team-oriented.
- Lateral thinking and hacking mindset.
- Certificates like OCSP, CEH, CHFI or CISSP are a plus.
What do we offer?
The time you spend at work, the challenges you face or the lessons you get are very important, but… What about your personal life? At ING we want your work to fill you in every way, and that is why we take care of even the smallest detail.
Check out what is waiting for you!
Flexible schedule and 100% flexible e-working.
Work or e-work? We have a totally flexible model: choose the one that best suits you.
So that thinking about what to have for lunch doesn’t take up your time or your cravings.
Our house will be your home.
In our offices you can find electric mobility solutions, doctor, hairdresser, gym, urban orchard, The Good Service (to help you in your arrangements) and much more!
We hope you don't need to use it!
For you and all your family (spouse/partner and children).
In addition, you can enjoy our flexible remuneration model, through which you can access other services such as nursery, transport card, training aids…
Free company shuttle.
- Special loan or mortgage terms after 6 months working at the bank.
- And benefit from our pension plan after 2 years with us.
More health, more sports.
- Runners club with your own trainer.
- Clinics with professional, world-class athletes.
- Physiotherapy service on site.