IT Security / DevSecOps Engineer (Controls & Compliance) – ALM Applications

ING Hubs Poland is hiring! 

The expected salary for this position: 9000 – 19000 PLN gross 

The financial ranges specified in the announcement are adjusted and may differ from the range specified in the remuneration regulations. 

We are looking for you, if you: 

• Have experience translating security policies and IT risk/control standards into actionable requirements for engineering and operations teams

• Can implement and document security measures keeping applications compliant with IT Risk Policies, Minimum Standards and Process Control Standards

• Can explain security requirements clearly to stakeholders (DevOps, Ops, Product/Business, Risk & Security) and drive alignment

• Have experience coordinating, carrying out and documenting IT security test procedures (e.g., SOX/ITGC or other regulatory requirements where applicable)

• Are responsible for evidencing of applied security controls, keeping the IT Risk Measurement Platform (ITRMP) up-to-date and supporting internal and external auditing

• Can coordinate user access management of the applications (joiner/mover/leaver, access reviews, traceability and documentation)

• Speak English at B2+ level and communicate confidently in an international environment
   

You'll get extra points for: 

• Experience with ITRMP / security control evidencing templates and control automation concepts (reducing manual effort while staying compliant)

• Familiarity with audit evidence packs and supporting internal/external audits in regulated environments

• Background in DevOps / platform engineering, security hardening, or security champion roles within engineering teams

• Experience coordinating IAM/access governance and periodic access reviews for business-critical application

Your responsibilities: 

• Translate security policies and IT risk control standards into implementable requirements for ALM applications and ensure they are implemented and documented

• Coordinate, execute and document IT security test procedures and required evidence (incl. SOX/ITGC or other regulatory requirements where applicable)

• Own evidencing of applied security controls; collect, validate and store evidence; keep ITRMP control status and key fields accurate and up-to-date; support audits and follow-ups

• Explain security requirements to stakeholders and coordinate remediation actions to closure

• Coordinate user access management for ALM applications (requests, approvals, periodic reviews, traceability and documentation)

• Promote “automation first” for controls and evidence where feasible, using agreed approaches and templates to reduce TOIL while maintaining compliance. 

Information about the team: 

You’ll join a team supporting critical ALM applications in a regulated environment. We value efficiency, clear documentation and audit-ready execution. You’ll receive onboarding support, mentoring, and a structured learning plan for key topics. We offer a stable employment contract (UoP), annual bonus (13th salary), and a comprehensive benefits package including private medical care, insurance, Multisport card, PPE, hybrid work, company equipment, and subsidies for phone, glasses, tickets, and meals. 

The role naming convention in the global ING job architecture will be “Engineer III”.

The financial ranges specified in the announcement are adjusted and may differ from the range specified in the remuneration regulations.