at ING Bank
OtherPosted 8 days ago
No clicks
**Vulnerability Management Specialist & IAM Specialist - ING Hubs PH** Join ING, empowering people towards a better future. We're seeking Security experts for our growing team. As **Vulnerability Management Specialist**, drive risk-based remediation, engaging stakeholders to manage vulnerabilities. Experience in tool suites like Qualys, Tenable, or Rapid7 is a must. Your deep understanding of security frameworks and threat intelligence will enhance our robust risk management. Collaborate with **IAM Specialist** to protect sensitive data. As an **IAM Specialist**, manage risks in complex environments, offering IAM support and integrating solutions with Windows and Unix infrastructures. You'll bring expertise in directory services and authorization design, monitoring risk metrics and supporting compliance. Both roles offer an international work environment with trusted teams and challenging projects. Apply now and change the future of banking with ING Hubs PH!
- Compensation
- Not specified
- City
- Manila
- Country
- Not specified
Currency: Not specified
Full Job Description
ING Hubs Philippines (ING Hubs PH) is an international part of the ING organization delivering services to many Business Units across the world for both Wholesale Banking and Retail Banking activities. Working for ING Hubs PH means working with the most diverse workforce and where no challenge is the same.
At ING our purpose is to empower people to stay a step ahead in life and business. We believe that sustainable progress is driven by people with the imagination and determination to make a better future for themselves and those around them.
ING is changing what banking is. For you, that means plenty of opportunities for personal growth in a continuously evolving environment. If this is the environment you thrive in, then apply and join us in changing the future of banking!
Vulnerability Management Specialist
Required Skills & Experience
- Strong understanding of vulnerability management concepts, CVEs, CVSS scoring, exploitability, and threat intelligence.
- Experience with vulnerability scanning tools (e.g., Qualys, Tenable, Rapid7, Microsoft Defender, Prisma Cloud).
- Knowledge of operating systems, networking fundamentals, cloud technologies, and common technical architectures.
- Familiarity with security frameworks and standards (ISO 27001, NIST, CIS Controls, OWASP). Excellent stakeholder management and communication skills.
Roles and responsibilities
- Risk & Compliance
- Monitor the risk score of F&R and support the entity to be within Risk Appetite.
- Participate in the Risk Opinion process for PG7, ensuring a correct and complete assessment of Vulnerability Management metrics and controls.
- Review Vulnerability Management risk metrics and manage the remediation of issues resulting from the metrics
- Collaborate with Dev/Ops and risk officers to address Vulnerability Management related findings and remediation plans.
- Contribute to audits and compliance reviews for Vulnerability Management processes.
- Linking pin between the global CISO organization and the F&R community.
- Perform Deep dives to identify root causes behind Vulnerability Management control defects
- You are a trusted advisor who knows how to handle discussions with different stakeholders
- Vulnerability Management
- Validation/triage, risk scoring, remediation tracking, and verification.
- Prioritize by risk: Use CVSS, threat intel (exploitation in the wild), asset criticality, exposure, and compensating controls to drive risk-based remediation.
- Remediation orchestration: Taking sessions, coordinate owners, and ensure fix validation (patch, config, version upgrade, or mitigation).
- Governance & SLAs: Enforce remediation SLAs define exceptions and maintain audit trails.
- Continuous improvement: Reduce noise (false positives/duplicates), tune scans, improve coverage, and drive automation.
IAM Specialist
Required Skills & Experience
- Strong knowledge of directory services and infrastructure for Windows and Unix systems.
- Expertise in authorization design and validation.
- Experience with IT risk metrics and risk governance frameworks.
- Familiarity with IAM processes in complex, regulated environments.
- Excellent stakeholder management and communication skills.
Roles and responsibilities
- IAM Operational Expertise
- Review authorization models for Finance & Risk applications.
- Support teams in HPA usage and enforce best practices for privileged access.
- Support IAM architecture for on-premises and cloud environments (Azure preferred).
- Providing IAM support, explanations and workshops customized to the needs of the F&R DevOps teams.
- Integrate IAM solutions with Windows and Unix infrastructures.
- Risk & Compliance
- Monitor the risk score of F&R and support the entity to be within Risk Appetite.
- Participate in the Risk Opinion process for PG3, ensuring a correct and complete assessment of IAM metrics and controls.
- Review IAM risk metrics and manage the remediation of issues resulting from the metrics
- Collaborate with Dev/Ops and risk officers to address IAM-related findings and remediation plans.
- Contribute to audits and compliance reviews for IAM processes.
- Linking pin between the global CISO organization and the F&R community.
- Perform Deep dives to identify root causes behind IAM control defects
- You are a trusted advisor who knows how to handle discussions with different stakeholders
