Info Security Expert at Bank Mendes Gans (BMG)
03-09-2024
4.240 - 6.882
Medior
Amsterdam
Bank Mendes Gans is part of ING and is the only bank in the world to engage exclusively in liquidity and information management solutions for Fortune 500 multinationals like Facebook, Huawei, Samsung, Micheal Kors, Versace, Groupon, McDonalds, Ebay, Duracell and Dow Jones. We operate a bank-independent model and we handle most of the world’s convertible currencies.
We don’t compete with your local banks - we cooperate with them. We work multi-currency, multi-country and multi-bank. This allows for a smooth implementation of your liquidity management strategy. Especially if your company has decentralized management, subsidiaries in different countries, different legal and tax regimes, and a large number of bank accounts, bank relationships and banking systems. As we offer overlay solutions on top of existing local bank infrastructure, there is no need to change banks.
Main responsibilities:
Providing IT security advisory and guidance to teams involved in development & support
Help teams in their information security and risk journeys: liaise with the BMG teams to ensure appropriate security controls are implemented.
- Active member in local Incident response team, with a focus on Cyber Security Incident Response (including Scenario Analysis, Runbook development and testing)
- Security Alerts handling/follow-up (phishing, antimalware, etc)
- Review and approve Application Security Baselines
- Review and challenge the security of External connections
- Participate as an active member in IT Security trainings & awareness campaigns & activities
- Challenge & Review Security Monitoring implementation & Scope. Review Security Event Monitoring implementation & alerts
- Review challenge vulnerability & penetration test reports and remediation plan & follow-up on remediation plan
- Check Vulnerability scan reports and follow up on remediation
- Ensure full compliance to the standards and policies set
- Stakeholder in relevant risk assessment exercises and meetings
How to succeed
We hire smart people like you for your potential. Our biggest expectation is that you’ll stay curious. Keep learning. Take on responsibility. In return, we’ll back you to develop into an even more awesome version of yourself.
Furthermore, you have:
- 3-4 years (preferably in Software company or Financial institution) in an IT security role
- Understanding of network and web related protocols (such as TCP/IP, UDP, IPSEC, HTTP, HTTPS, protocols).
- Familiarity with cloud security controls and best practices.
- Experience in developing cyber-security risk and incident management processes and a solid understanding of cyber threat landscape
- Familiar with ISO2700x, NIST, ISF, CIS and similar frameworks
- Nice to have: relevant security certifications (e.g. ISC2 SSCP/CISSP, ISACA CISM/CISA/CIRISC, CompTIA Security+, EC-Council CEH, ISO/IEC 27001)
Competencies:
- Strong sense of ownership, urgency, and drive
- Customer-focused and enjoy working as part of a team
- Strong capabilities to build internal confidence in a situation of constant change
- Strong problem solving and analytical thinking - ability to diagnose and resolve ambiguous problems;
- Strong resilience to stress and constructive and collaborative mindset;
- Willingness to support and coach less experienced colleagues; provide help when needed and criticize in a constructive manner;
- Support for creating a friendly work environment based on respect, trust and partnership values.
