Non-Financial Risk officer for Global CREFS in Amsterdam

Your role & work environment

As Global Corporate Real Estate and Facility Services (CREFS) we have the mission to:

“Create a welcoming and sustainable environment to work and meet, where professionals and customers are attracted, inspired and retained and where well-being, health and safety are central”.

Since 2018 ING has outsourced all its operational Real Estate (RE) and Facility Services (FS) processes in 7 countries (NL, BE, PL, TR, UK, ESP & IT) to one supplier via a Total Facility Management (TFM) model. Implementation of TFM constitutes a transformational change aimed at reducing costs by increasing efficiency (economies of scale), simplifying by increasing standardisation, improving cost visibility/transparency and streamlining the ING organization, whilst maintaining or improving service levels. Implementation of TFM is in line with the ING ‘Unite’ strategy, as it simplifies and streamlines the RE and FS function, helping us to collaborate better across borders and innovate much faster.

Managing the TFM contract is a responsibility of the CREFS function. The Global CREFS team (Tier 2) works in close collaboration with the CREFS teams in the countries (Tier 1) and the supplier.

As TFM implies a huge transformation the challenges for the Non-Financial Risk Officer is to make the various Non-Financial risks transparent and ensure that the required mitigating actions are initiated. This is done by creating an inventory of risks by category and by developing and implementing the necessary control systems to comply with the NFR guidelines, coordinating recurrent risk-related activities and providing operational assistance. Appropriate due diligence will need to ensure that the outsourced services are/or will become in accordance with ING’s (Non-Financial Risk) Standards and Policies.

Your key responsibilities

Your key tasks include, but are not limited to:

• Steer risk and security awareness within the Global CREFS organisation
• Support the CREFS organisation (T2 and T1) with coordination/documentation/monitoring of risk, compliance and security topics.
• Coordinate implementation of the Enterprise Risk Management (ERM) Framework within (Global) CREFS
• Perform deep dive gap analysis/ risk & control assessments in order to identify any potential gaps between ING Policies & standards and Supplier Controls.
• Recognize and articulate problems/risks related to the (implementation of) TFM
• Perform fact finding, collecting evidence and documenting activities;
• Advise the CREFS organisation on design/development of the required solutions, including scoping and fulfilling requirements.
• Provide the required Sox 404 statements to the countries twice a year based on Sox Scope Agreements and in cooperation with CBRE.
• Liaison with tier 2 security, risk & compliance functions and with local (T1) representatives in these fields

Besides the above Global CREFS needs to provide the countries with SOC reports related to the Lease Administration process which is outsourced.

For this purpose we must provide sufficient evidence by;

• Validating the E2E process and determine the required operational controls;
• Clearly define the required operational controls in a PCDM and map against the provided controls/evidence by the external supplier (SOC1 report);
• Map the required IT controls against the evidence from the external supplier (SOC2 report);
• If there is a gap in the mapping (insufficient evidence for the required ING controls), additional evidence must be provided by the supplier;
• Create a test plan for SOC;
• Review the test results of the controls and provide mitigating measures if needed.

How to succeed

To strengthen the Global CREFS team we are looking for a Non-Financial Risk Officer

• University Degree or equivalent
• 4-5 years experience within the Non-Financial Risk and Compliance domain
• Experience with Sox, Soc1 and Soc2
• Experience with outsourcing is desired
• Convincing in communication, writing & reporting skills in Dutch and English
• In-depth knowledge of Information Risk Management (IRM), IT and IT Security
• Able to deal with and advise on complex and difficult matters
• Preferably good knowledge of the banking business, processes and procedures

Soft skills

• A critical, though positive constructive mind set, accurate and thorough
• Pragmatic & sound judgment
• Result and solution driven
• Able to plan, organise and work independently
• Pro-active and take initiative, business and risk minded

What we offer

A job of 36 hours per week and a unique offer that fits in with the times of today. We take into account your home situation and your ambitions and help you to balance work and private life. Discover yourself our employment

We give the opportunity to have a broad view on Risk in a large, multi-segments bank in transformation together with regular exposure to senior management of RE and Facility Management on corporate and local country level. Incidental traveling is part of the Job.  
To give you an idea, we will tell you about the benefits of working at ING:

• A salary tailored to your qualities and experience
• Flexible working hours and the possibility to work at home
• A reimbursement for travel expenses
• 24 vacation days with a 36-hour working week
• Pension scheme
• 13th month salary
• Individual Savings Contribution (BIS), 3.5% of your gross annual salary
• 8% Holiday payment
• Personal growth and challenging work with endless possibilities to realize your ambitions
• An informal working environment with innovative colleagues who strive for the very best