Description
Main Technical Competences:
- Broad ICT knowledge
- Minimum bachelor degree in an IT related area
- Strong knowledge of data base architecture in the different environments used by ING
- Oracle
- Sybase
- MS SQL
- ITIL V3 -Incident and Problem management process knowledge
Non Technical Competences:
- Highly customer oriented and who has an excellent service attitude
- Analytical and has a synthetic turn of mind
- Excellent communicator, who can be assertive towards multiple stakeholders
- Team worker
- Able to work in stressful situations
- Organized and who follows a problem-solving and results-oriented approach
- You have no fear of paperwork
- You have a can-do type of mentality
- Excellent written and spoken knowledge of English, knowledge of Dutch and/or French
- Flexibility (on-call 24/7 in case of major incidents)
- Develop and document information security procedures to enforce information security standards
- Follow-up activities and control quality of work done by ISP:
- Qualify escalated events detected by SEM, TSCM tools or provided by other sources
- Process detailed analysis and correlation investigations to qualify non solved and escalated events
- Provide L3 support for security incidents: Analyze and qualify escalated events, Initiate major security incident process
- Validate rules/waivers which filter out all security related events and provide qualification rules
- Identify and coordinate remediation of vulnerability findings within critical databases.
- Relay the information from CIRT to the specific Technology Infrastructure teams in order to allow for deeper identification of network/platform vulnerabilities and for a specific investigation and response activities
- Report unauthorized accesses to Level 2 Management
- Be part of on call support team (24/7)
- Coordination with other teams of security deficiency resolutions
- Follow-up of security related alerts and recommending corrective actions
- Define and implement security incident mitigation solutions
- Draw lessons learned from security incidents
- Make recommendations on solutions to prevent security incidents
- Coordinating and conducting IT forensics investigations for the business: Request to identify, collect, analyze and report on various malware related or other threats to security service providers in order to provide actionable intelligence to the bank
- Recommend implementation of new detection rules for these malwares to eFraud team or internally
- Control and validation of security patching process and reassessment of patching recommendations
- Control and authorize IT user access via role based access control (RBAC) for privileged users
- Knowledge and usage of tools (NetIQ, Tripwire)