IT Risk Engineer for SaaS Solutions

ING Hubs Poland is hiring!

The expected salary for this position: 9600 - 15000 PLN

The financial ranges specified in the announcement are adjusted and may differ from the range specified in the remuneration regulations.

• have a minimum of 3-year relevant experience within IT Risk management for SaaS,
• are a senior and proven expert in the field of IT Risk, possessing in-depth knowledge of IT Risk Management and processes. You can deal with and advise on highly complex and difficult matters, including AI,
• are able to transfer IT security requirements into practical implementation,
• are a trusted advisor, who brings IT Risk under control by supporting the business lines. In addition, you know how engineers work and how controls can be best integrated in their daily way of working, ensuring that delivery and risk are balanced for the risk appetite of the business,
• are flexible, energetic, influential you adapt easily and can work both independently and in a team,
• can analyse and solve problems. You are a holistic thinker with an attention to details,
• are organized, can provide structure and maintain focus on the full picture.

• active holder of certifications issued by ISC2 (like CISSP, CCSP) or issued by ISACA (like CISM, CISA, CRISC) or similar,
• business oriented approach,
• Agile/Scrum knowledge.

• participate in RFI/RFP processes for new SaaS applications with stakeholders,
• conduct 3rd party Trust sessions / IT Risk assessments with suppliers,
• assess the third party assurance reports and certificates of the SaaS supplier (like ISO) and Service Organization Control (SOC 2) audit reports,
• identify potential exceptions, control gaps and manage the follow-up with SaaS supplier,
• act as SPOC for 3rd party penetration testing by ING,
• support Asset Owner on creating IA (Issue Acceptance) and/or MIA (Management Identified Action) and follow up on these,
• collect and register IT Risk related evidence (from ING and 3rd parties) and ensure this remains up-to-date and timely registered in ITRMP,
• conduct periodic IT Risk service meetings with SaaS supplier,
• determine the impact of new/changed external regulations /ING standards on the SaaS supplier,
• align with 3rd party on their product roadmap and release planning and determine the impact of 3rd party changes on ING,
• participate with ING Procurement, Legal and DPO.

We are looking for an enthusiastic and experienced SaaS (Software as a Service) Engineer to become part of the HR SaaS Chapter within Employee TECH Services. As SaaS engineer you will become part of international team within ING Group.

The role naming convention in the global ING job architecture will be “Engineer III