.At ING we are looking for a Information Risk Management (IRM) ExpertYour role and work environment:We are looking for a talented and enthusiastic IRM expert to join our Regional Information Risk Management Team in Spain (RegIRM-ES) of Information Risk / Technology Risk.The responsibility of this team is providing direct Information Risk Management (IRM) and Business Continuity Management (BCM) support to the IRM officers in the countries (currently Spain, Portugal, France, Italy, UK, Belgium and WB). RegIRM-ES also supports Corporate IRM (CIRM) in the development and maintenance of the non-financial risk management framework (policy setting and advisory) with a focus on Information (Technology) Risks and Continuity Risks. RegIRM-ES as well focuses on the Information (Technology) Risk and Continuity Risk:- Information Technology (IT) – concerns managing Information (Technology) Risks within IT Governance, IT Management and IT Security; - Operational Resilience– concerns measures to ensure Availability of Business Services; - Information Management– concerns managing Information (Technology) Risks within the lifecycle of information and use of information to the benefit of the stakeholders.- Continuity Risk is the risk of financial loss, regulatory sanctions or reputational damage due to business disruptions caused by severe events (e.G. natural disasters, infectious diseases, power outages, terrorism).Your key responsibilities:As a IRM expert you will:
- Be a trusted IRM advisor towards IT and business management in the countries supported and towards the other non-financial risk specialists;
- Create and publish strategic and ad-hoc risk analyses, risk papers and risk reports with fact finding, research and documenting activities;
- Perform parts of the functional oversight of the regional IRM community by means of QA reviews as part of our functional steering role;
- Participate in, challenge and periodically report upon the risks of key strategic (IT/BCM) programs and projects;
- Participate and challenge in risk assessments on specific Operational Risk or Information Risk projects and programs, taking direction over junior ORM, BCM and IRM colleagues;
- Develop and maintain training modules and train the IT / business community and your Non-Financial Risk (NFR) colleagues.
- Support the Regional Head of IRM and BCM (RegIRM-ES) with research, fact finding, collecting evidence and documenting activities;
- Support the Regional Head of IRM and BCM (RegIRM-ES) in the reporting on IT and Continuity Risk
- Contribute to the development and maintenance of Corporate ING IRM Strategy, Framework, Policies, Minimum Standards, Procedures, Methods and Techniques;
- Identify external / internal developments, initiatives and threats