ING Hubs Philippines (ING Hubs PH) is an international part of the ING organization delivering services to many Business Units across the world for both Wholesale Banking and Retail Banking activities. Working for ING Hubs PH means working with the most diverse workforce and where no challenge is the same.
At ING our purpose is to empower people to stay a step ahead in life and business. We believe that sustainable progress is driven by people with the imagination and determination to make a better future for themselves and those around them.
ING is changing what banking is. For you, that means plenty of opportunities for personal growth in a continuously evolving environment. If this is the environment you thrive in, then apply and join us in changing the future of banking!
Vulnerability Management Specialist
Required Skills & Experience
- Strong understanding of vulnerability management concepts, CVEs, CVSS scoring, exploitability, and threat intelligence.
- Experience with vulnerability scanning tools (e.g., Qualys, Tenable, Rapid7, Microsoft Defender, Prisma Cloud).
- Knowledge of operating systems, networking fundamentals, cloud technologies, and common technical architectures.
- Familiarity with security frameworks and standards (ISO 27001, NIST, CIS Controls, OWASP). Excellent stakeholder management and communication skills.
Roles and responsibilities
- Risk & Compliance
- Monitor the risk score of F&R and support the entity to be within Risk Appetite.
- Participate in the Risk Opinion process for PG7, ensuring a correct and complete assessment of Vulnerability Management metrics and controls.
- Review Vulnerability Management risk metrics and manage the remediation of issues resulting from the metrics
- Collaborate with Dev/Ops and risk officers to address Vulnerability Management related findings and remediation plans.
- Contribute to audits and compliance reviews for Vulnerability Management processes.
- Linking pin between the global CISO organization and the F&R community.
- Perform Deep dives to identify root causes behind Vulnerability Management control defects
- You are a trusted advisor who knows how to handle discussions with different stakeholders
- Vulnerability Management
- Validation/triage, risk scoring, remediation tracking, and verification.
- Prioritize by risk: Use CVSS, threat intel (exploitation in the wild), asset criticality, exposure, and compensating controls to drive risk-based remediation.
- Remediation orchestration: Taking sessions, coordinate owners, and ensure fix validation (patch, config, version upgrade, or mitigation).
- Governance & SLAs: Enforce remediation SLAs define exceptions and maintain audit trails.
- Continuous improvement: Reduce noise (false positives/duplicates), tune scans, improve coverage, and drive automation.
IAM Specialist
Required Skills & Experience
- Strong knowledge of directory services and infrastructure for Windows and Unix systems.
- Expertise in authorization design and validation.
- Experience with IT risk metrics and risk governance frameworks.
- Familiarity with IAM processes in complex, regulated environments.
- Excellent stakeholder management and communication skills.
Roles and responsibilities
- IAM Operational Expertise
- Review authorization models for Finance & Risk applications.
- Support teams in HPA usage and enforce best practices for privileged access.
- Support IAM architecture for on-premises and cloud environments (Azure preferred).
- Providing IAM support, explanations and workshops customized to the needs of the F&R DevOps teams.
- Integrate IAM solutions with Windows and Unix infrastructures.
- Risk & Compliance
- Monitor the risk score of F&R and support the entity to be within Risk Appetite.
- Participate in the Risk Opinion process for PG3, ensuring a correct and complete assessment of IAM metrics and controls.
- Review IAM risk metrics and manage the remediation of issues resulting from the metrics
- Collaborate with Dev/Ops and risk officers to address IAM-related findings and remediation plans.
- Contribute to audits and compliance reviews for IAM processes.
- Linking pin between the global CISO organization and the F&R community.
- Perform Deep dives to identify root causes behind IAM control defects
- You are a trusted advisor who knows how to handle discussions with different stakeholders