Lead Governance, IT Risk & Compliance

Lead Governance, IT Risk & Compliance

Lead Governance, IT Risk & Compliance – CISO team ING Italy’s CISO team is looking for the Lead Governance, IT Risk & Compliance as part of the strengthening of the ING Italy’s CISO team. It is a leadership role focused on taking responsibility for security governance, ensuring implementation and monitoring of IT risk controls to deliver a safe, secure and compliant IT environment. This role leads the SoX controls coordination for IT, key control testing coordination for ICT controls, ensures third‑party cyber risk processes are embedded in BAU, and drives IT risk remediation across the entity.

Key Responsibilities

• Extensive experience and specialist expertise in governing and managing information security activities
• Recognized expert in information security governance, risk and compliance, providing guidance on governance and management of information security risks for major IT programs and strategic initiatives
• Proven track record of contributing to strategic planning for information security in a complex environment and of developing and implementing organization‑level policies, standards and guidance
• Ability to establish relationships and influence key stakeholders at all levels to build the reputation of Information Security and to benefit the institution as a whole
• Demonstrable experience managing a team of experts and coordinating relationships between teams and stakeholders across an organization to deliver efficient information security governance and remediation
• Developing and managing information security audit and assurance programs, including assessment of third‑party security
• Developing and managing training and awareness programs for diverse stakeholders
• Setting standards for, delivering and monitoring an information security service, and developing reporting frameworks and dashboards
• Leading or creating a network of internal and external stakeholders to challenge or lead thinking in governance, risk and compliance
• Excellent analytical skills and the ability to manage multiple projects under strict timelines, and to work in a demanding, dynamic environment and meet objectives
• High level of personal integrity, professional handling of confidential matters, and appropriate judgment and maturity
• Excellent written and oral communication, interpersonal and collaborative skills, and ability to communicate risk concepts to technical and non‑technical audiences at all levels
• Master’s degree calibre with appropriate qualifications such as CISM, CISSP
• Knowledge of common information security management/governance frameworks such as ISO/IEC 27001, ITIL and COBIT

Qualifications

• Extensive experience and specialist expertise in governing and managing information security activities
• Recognized expert in information security governance, risk and compliance
• Proven track record in strategic planning for information security
• Leadership ability to influence stakeholders at all levels
• Experience managing teams and coordinating across organizations
• Experience in audit, assurance, training, awareness, service delivery and reporting frameworks
• Strong analytical, project management and communication skills
• Master’s degree and professional certifications such as CISM, CISSP
• Knowledge of ISO/IEC 27001, ITIL, COBIT and similar frameworks

The type of person we are looking for

• Inspiring, full of energy and passionate for IT‑Risk & Controls
• Focused on working together, facilitating others within the area and stakeholders for success
• Not afraid to challenge the status quo
• Proven experience and knowledge of IT Risk & Controls and related processes
• Experience with the Agile Way of Work
• Result‑driven and think in possibilities
• Constantly looking for improvements
• Self‑starter, eager to learn and continuously develop in the risk area

Working conditions

Full Time • Permanent • Milan (hybrid)

Benefits

• Super flexible smart working
• Competitive base salaries and performance‑based bonuses
• Diverse cultures & innovative mindsets
• International environment
• Commitment to sustainability
• Training and development opportunities to help you grow
• Moments dedicated to physical and mental well‑being
• A special day off on your birthday
• Free water & coffee at the office

We are committed to diversity, offering a safe and inclusive environment based on mutual respect and equal job opportunities to all qualified candidates.