ING
Financial Services
SecureDevelopmentEngineer
Neural analysis suggests this role is
optimal for Mid+ candidates.
“Secure Development Engineer at ING. Skills: Secure development, Offensive security, Vulnerability management, Secure coding practices. Provide analysis of security issues. Confirm hypotheses”
Industry & Context.
Root cause analysis
What They're Looking For.
Must Have
5+ years experience, Bachelor or Masters in IT or cybersecurity, Hands on experience with testing devices, infrastructure or cloud, networks and applications, Knowledge of secure coding aspects in at least one leading programming language
Nice to Have
Penetration Tester, Red Team or Cybersecurity consultant, Security Champion or developer experience, Testing web applications and APIs, mobile applications is a plus, Experience with secure design reviews and threat modelling methodologies, Familiarity with AI-driven systems, LLMs and agentic applications, Offensive Certifications like OSCP, OSWP, OSWA, OSWE, Burp Suite Certified Practitioner, eWPT, SANS Offensive Operations Certificates like GIAC Certified Penetration Tester (GPEN) / Certified Expert Penetration Tester (CEPT) is a plus
What You'll Do.
Provide analysis of security issues
Test new technologies
Certify new technologies
Monitor development environment
Monitor quality of tools
Monitor configurations
Analyze common vulnerabilities
Provide training on secure coding
Provide awareness on secure coding
Provide consulting on software issues
Provide expert knowledge on vulnerabilities
Provide consulting on code quality
Provide consulting on library use
Provide consulting on framework use
Provide consulting on application server settings
Support implementation of detective measures
Support implementation of preventive measures
Reduce attack surface
Provide analysis of development environment
Monitor tools supporting secure development
Monitor design supporting secure development
Monitor secure configurations
Support Global Security Champion Guild
Ensure security is embedded by default
Deliver security assessments of IT products
Deliver security assessments of infrastructure
Deliver security assessments of applications
Deliver security assessments of 3rd party services
Assess effectiveness of cybercrime resilience controls
Provide technical expertise
Provide analytical skills
Provide documentation support
Provide coordination support
Guide towards best practices
Guide towards industry standards
Guide towards solutions
Assure proper security design
Assure expected code quality
Assure security capabilities
Provide training on secure coding practices
Provide awareness on secure coding practices
Mature Security Champions capabilities
Improve Security Champions capabilities
Improve Global Security Champions Guid
Provide expert knowledge on software issues
Provide expert knowledge on vulnerabilities
Provide expert knowledge on code quality
Provide expert knowledge on library use
Provide expert knowledge on framework use
Provide expert knowledge on application server settings
Provide technical solutions for security issues
Provide technical solutions for design flaws
How You'll Work.
Team & Collaboration
Expert team; CoE's service consumers; Engineering organization
Communication Scope
Communicate technical issues
Process & Methodology
Agile
Full Job Description
**Secure Development Engineer** Department: CISO/ASM (Attack Surface Management)/Center of Expertise – Offensive Security/Secure Development & Engineering Expert Team Position: TBD Grades: to be graded **Background** ING Global CISO mission is to keep the bank secure and to safeguard customer trust by predicting, preventing, identifying and responding to threats and make sure a quick recovery from cyber-related incidents. We enable our ING colleagues by providing usable and secure services and ensure that security is part of our DNA. NG, like its competitors, is operating in an increasingly complex environment. Digitisation is a top priority as customer preferences are changing towards mobile and digital. ING is moving from traditional ways of delivering to a platform bank. The rise of disruptive technologies such as AI, combined with an expanding threat landscape, introduces new and more sophisticated cyber risks. In parallel, regulations like the Digital Operational Resilience Act (DORA) are raising the bar for operational resilience and security across the financial sector. **Generic summary of role** The ING Global CISO’s Attack Surface Management (ASM) tribe will focus on reducing both the external and well as the internal attack surface of the entire ING organisation, by (automated) hardening of our assets against cyber threats with preventive controls and proactively identifying and remediating vulnerabilities. One of area belonging to the ASM tribe is the Center of Expertise (CoE) Offensive Security including Penetration Testing and Security Development & Engineering Expert Team. Security Development & Engineering Expert Team is globally responsible for the following activities: * Providing specific analysis of security issues, confirming hypotheses, testing and certifying new technologies. * Continuous monitoring of development environment, quality of tools, configurations etc. basing on results of security processes embedded into Security Development Lifec
Applying for this Secure Development Engineer role?
Most applicants get filtered before a human reads their resume. See if yours makes the cut.
How to Apply on Workday
- Workday has a multi-step form — save your progress after every section.
- "Apply With LinkedIn" can fail or lose data; manual entry is more reliable.
- Watch for the "Submit for Review" final step — hitting "Save" alone does not submit.
- Job requisition numbers are useful when following up with HR by email.
ANONYMOUS · UNFILTERED
What do employees actually say about ING?
Real rants from real employees. Read before you apply.