Security legal and regulatory specialist

The Information Security Legal and Regulatory Specialist will be responsible for monitoring, analyzing, and ensuring compliance with new and existing laws, regulations, and industry standards that impact ING's information security and IT Risk practices. This includes the bank's compliance with European Central Bank (ECB) regulations and supervisory requirements in that area.

This role will support the CISO in maintaining a robust compliance framework, mitigating legal risks and facilitating communication between the bank and supervisory bodies.

The position is open to a candidate for both GJG17 and GJG18, depending on the qualifications of the candidate.  

Key Responsibilities:

• Monitor Legislation: Continuously track and review new and evolving laws, regulations, and industry standards related to information security, IT Risk and data protection.
• Advocacy strategy: suggest advocacy strategies on evolving law and legislation, execute advocacy strategies and coordinate ING to speak with one voice. Use associations where valuable.
• Compliance Analysis: Analyse the impact of new legislation on the organization's information security policies and procedures.
• Internal Reporting: Prepare detailed reports and summaries of relevant legal and regulatory changes for the CISO and other stakeholders enabling all information security policies and procedures to align with supervisory expectations.
• Policy Development: Support in the development and updating of information security policies and procedures to ensure compliance with applicable laws and regulations.
• Training and Awareness: Develop and deliver training programs to educate employees on compliance requirements and best practices.
• Collaboration: Work closely with legal, IT, CISO, Risk, Data privacy Officers and other departments to ensure a coordinated approach to compliance.
• External reporting: Prepare and submit required reports and documentation to ECB supervisory bodies, ensuring accuracy and timeliness of those reports.
• Supervisory Audit Preparation: Assist in preparing for ECB audits and inspections, including gathering necessary documentation and coordinating responses to audit findings.
• Assist in being the primary point of contact between the bank and ECB supervisory bodies, facilitating effective communication and addressing any queries or concerns.
• Risk Assessment: Conduct regular risk assessments to identify potential compliance issues and recommend mitigation strategies.
• Audit Support: Assist in internal and external audits related to information security compliance.

How to Succeed :

• Education: Bachelor's degree in Law, Information Security, or a related field. A Master's degree or relevant certifications (e.g., CISM, CISA, CIPP, CISSP) is a plus.
• Experience: Minimum of 3-5 years of experience in a compliance or legal role, preferably within the information security or technology sector. Having knowledge of ING's Risk framework and/or IT service landscape is a plus
• Skills: Strong analytical skills, attention to detail, excellent written and verbal communication skills, and the ability to interpret complex legal documents.
• Knowledge: In-depth understanding of information security principles, data protection laws (e.g., GDPR, DORA), and industry standards (e.g., ISO 27001, NIST).
• Integrity: High ethical standards and integrity in professional and personal conduct.
• Proactive: Ability to anticipate and address compliance issues before they become problematic.
• Team Player: Collaborative mindset with the ability to work effectively in cross-functional teams across the bank and other banks within associations.
• Adaptable: Flexibility to adapt to changing regulatory landscapes and organizational needs.

Rewards & benefits  

We want to make sure that you can strike the right balance between your career and your private life. You can find out more about our employment conditions here.  

The benefits of working with us at ING include: 

• A salary tailored to your qualities and experience
• 36 or 40 hour workweek
• Individual leave: 24+2 individual holiday days based on 36 hr workweek
• Diversity leave: 3 days per year (1,5 paid, 1,5 unpaid)
• CSR days: up to 2 days per year to actively engage in society by volunteering
• 13th month salary
• 8% Holiday payment
• Individual Savings Contribution (BIS), 3.5% of your gross annual salary
• Mobility card
• Attractive pension scheme
• Hybrid working to blend home working for focus and office working for collaboration and co-creation

Want to apply directly?

Upload your CV and motivation letter by clicking the "Apply" button. Multiple interview steps involving various business stakeholders will be part of the selection process.

About us 

With 60,000 employees and operations in approximately 40 countries, there is no shortage of opportunities for people with initiative who want to help people take a step ahead in life and business. Do you want to work at the cutting edge of what's possible while ensuring you work with integrity and hold the customer's interests at heart? Do you want to be surrounded by progressive, inspiring, diverse, supportive colleagues? Then there is no better place to invest your talents than at ING. Join us and apply today!