IT Security / DevSecOps Engineer (Controls & Compliance) - ALM Applications

Responsibilities

• Translate security policies and IT risk control standards into implementable requirements for ALM applications and ensure they are implemented and documented
• Coordinate, execute and document IT security test procedures and required evidence (incl. SOX/ITGC or other regulatory requirements where applicable)
• Own evidencing of applied security controls; collect, validate and store evidence; keep ITRMP control status and key fields accurate and up-to-date; support audits and follow-ups
• Explain security requirements to stakeholders and coordinate remediation actions to closure
• Coordinate user access management for ALM applications (requests, approvals, periodic reviews, traceability and documentation)
• Promote "automation first" for controls and evidence where feasible, using agreed approaches and templates to reduce TOIL while maintaining compliance.
• Information about the team:
• The role naming convention in the global ING job architecture will be "Engineer III ".
• The financial ranges specified in the announcement are adjusted and may differ from the range specified in the remuneration regulations.

Benefits

Additional Information

ING Hubs Poland is hiring! The expected salary for this position: 12000 - 18000 PLN gross The financial ranges specified in the announcement are adjusted and may differ from the range specified in the remuneration regulations. We are looking for you, if you: Have experience translating security policies and IT risk/control standards into actionable requirements for engineering and operations teams Can implement and document security measures keeping applications compliant with IT Risk Policies, Minimum Standards and Process Control Standards Can explain security requirements clearly to stakeholders (DevOps, Ops, Product/Business, Risk & Security) and drive alignment Have experience coordinating, carrying out and documenting IT security test procedures (e.g., SOX/ITGC or other regulatory requirements where applicable) Are responsible for evidencing of applied security controls, keeping the IT Risk Measurement Platform (ITRMP) up-to-date and supporting internal and external auditing Can coordinate user access management of the applications (joiner/mover/leaver, access reviews, traceability and documentation) Speak English at B2+ level and communicate confidently in an international environment You'll get extra points for: Experience with ITRMP / security control evidencing templates and control automation concepts (reducing manual effort while staying compliant) Familiarity with audit evidence packs and supporting internal/external audits in regulated environments Background in DevOps / platform engineering, security hardening, or security champion roles within engineering teams Experience coordinating IAM/access governance and periodic access reviews for business-critical application

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at ing? Share your experience