Job Description, Responsibilities & Requirements
About the Position
At ING Hubs Spain we are looking for a Third party Audit Supervisor
We are looking for a talented and enthusiastic Third party Audit Supervisor to join our Tech Hub Spain Team of Third Party Cyber Risk Management.
The responsibility of this team is to perform onsite inspections worldwide with a focus on ING 3rd parties that support critical processes. We are a group of curious team-players IT auditors that enjoy addressing new challenges related to third-party vulnerabilities and IT risks.
Responsibilities
As a Third Party Audit Supervisor, you will:
- Lead a team of IT Auditors to execute onsite inspections on behalf of ING to third parties.
- Independently evaluate the design and implementation of IT controls executed by outsourcers.
- Plan, organize, execute risk-based onsite audits, coordinate with senior management/supplier to arrange the fieldwork.
- Assess the control environment via interviews, review of documentation, field inspections, configuration assessment, and by performing technical tests, including penetration tests and/or red teaming for critical third parties.
- Provide executive-ready dashboards, communicate systemic risk insights, and results to the management that helps ING to improve its security control environment and mitigate risks across third parties.
Requirements
- A bachelor’s or master’s degree in Computer Science or IT Engineering, IT Security, IT Risk Management, or IT Audit.
- Technical (security) knowledge of IT technologies, including operating systems, network infrastructure, database management systems, web technologies, mobile operating systems, and your favorite IT area(s) where you can consider yourself as an IT (security) expert.
- More than 6+ years of experience in IT Audit, with a sound knowledge of IT risk management, governance, and the three-lines of defence model. Experience in managing a team is a plus.
- Strong vendor negotiation and stakeholder management skills.
- Ability to translate technical gaps into business impact language.
- Experience in performing penetration tests or red teaming exercises.
- Strong knowledge of IT processes and standards, best practices from the market (COBIT, ISO 27001, ISO 22001, etc.).
- Comfortable leading both technical and IT process audits, dealing with conflicts, and managing expectations. Used to organizing fieldwork testing and meeting timelines.
- Coaching other team members and helping them to grow sounds exciting to you.
- Good English for both communication and writing, used to working in multicultural environments.
- Certifications in good standing such as CISA, CISSP, OSCP, ISO27001LA, etc.
Nice to Have
- Knowledge of banking industry regulations such as PSD2, EBA guidelines, or DORA NIST CSF, ISO/IEC 27001, SOC 2, Cloud Security Frameworks, and EU regulatory frameworks.
- Experience with vulnerability assessment and pentesting tools (e.g., Nessus, Wireshark, Burp, Kali, etc.).
- Experience with data analytics tools or scripting (e.g., Knime).
We Offer
- Flexible work model: Determine together with your team which days you work from home and which you come to ING MAD to offer your best self.
- Restaurant card: So that thinking about what to have for lunch doesn’t take up your time or your cravings.
- Our house will be your home: In our offices you can find electric mobility solutions, doctor, hairdresser, gym, The Good Service (to help you with your errands), and much more!
- Health insurance: For you and all your family (spouse/partner and children).
- Life insurance: We help you protect what matters most to you.
- Flexible remuneration: In addition, you will enjoy our flexible remuneration model, through a more tax-advantaged way, you will be able to access other services such as nursery, transport card, training aids, etc.
- Transport allowance: It doesn't matter where you live, we’ll help you get to the office.
- Pension plan: You can benefit from our pension plan after 1 month with us!
About the Company
We’re building something exciting-and we want you to be part of it.
ING is launching the new member of ING Hubs in Spain, an integral part of ING in charge of designing and delivering important technological and operational solutions to make banking frictionless for our customers. ING Hubs play a key role in our ‘Growing the difference’ strategy to become the best European bank. This will be our sixth global hub, joining a network of over 13,000 professionals in the Philippines, Poland, Romania, Slovakia, Türkiye, and Spain.
What makes us different?
- We have a tech-first mindset: We’re not just a bank-we’re a tech company that happens to do banking. Our new hub will be a center of excellence for scalable, fast, and secure technology.
- We have global impact: You’ll be working on solutions that serve more than 34 million customers in over 38 countries.
- We are agile: ING was the first bank to adopt agile at scale. We continue to evolve with a collaborative, cross-functional way of working.
- Sustainability at the heart of what we do: We have a role to play in defining new ways of doing business that align economic growth with positive environmental and social impact.
At ING, we believe in diversity, inclusion, and belonging. We’re proud of our international teams and are committed to creating an environment where everyone can thrive. We value authenticity, collaboration, and continuous learning.
We’re looking for curious minds, bold builders, and passionate problem-solvers. If you’re looking for a place to find new ways to drive efficiency and provide superior customer value, where your ideas matter, and where you can grow with purpose-we’re looking forward to meeting you.