Security Specialist Security Competence Center

Digital & Technology Team (D&T) is an integral division of HEINEKEN Global Shared Services Center. We are committed to making Heineken the most connected brewery. That includes digitalizing and integrating our processes, ensuring best-in-class technology, and embedding a data-driven culture. By joining us you will work in one of the most dynamic and innovative teams and have a direct impact on building the future of Heineken!

Would you like to meet the Team, see our office and much more? Visit our website: Heineken (heineken-dt.pl)

The SCC Security Specialist is responsible for supporting Security Business Impact and Security Assessments for HEINEKEN Global Functions, as well as advising on and implementing required security governance, controls, and activities in line with HEINEKEN's risk appetite.

Your responsibilities would include:

• supporting Central D&T Product Teams, Global Functions and Asset Owners with the execution and completion of Business Impact Assessments and Security Assessments

• supporting Global Functions with the selection, design and implementation of security requirements and controls of their digital solutions

• developing and maintaining dashboard for Business Impact Assessments and Security Assessments, maintaining the Assessment funnel based on priority and planning assessments based on expiration of the assessment

• periodically verifying ABACUS – OneTrust Synchronisation

• supporting with writing, updating and reviewing the policies in the Security Policy House

• maintaining awareness of emerging security industry trends, best practices and evaluating them for applicability

• identifying potential security threats, vulnerabilities and risks, and proposing mitigations

• supporting Product Teams and Global Functions to identify and drive opportunities to increase the efficiency of information security.

You are a good candidate if you:

• Bachelor's or Master’s degree, preferably in Computer Science, AI, Data Science, or a related technical field

• qualification in at least some of the following qualifications or their equivalent: CISSP, CISM, ISSMP, CISA, CIA, CSTA, CSTP, CIIP, CFIP, CSIS, CMI, CWSA

• 5+ years of experience in the cybersecurity / IT audit field and previous experience working as a cybersecurity officer/manager

• ability to identify and drive opportunities to increase the efficiency of information security

• knowledge of standards such as NIST, ISO2700, IEC62443

• experience with business impact and security assessments

• experience as a cybersecurity ambassador by supporting, informing, and communicating information security & risk requirements to the product teams and global functions

• ability to explain cybersecurity governance and its processes to business stakeholders

• ability to recognize problems, identify possible causes and resolve problems

• ability to work and team with a multitude of different people and different cultures

• flexibility to adjust to multiple demands, shifting priorities, ambiguity, and rapid change

• strong analytical and reporting skills

• demonstrated ability to write reports, procedures, policies, and communicate effectively in a variety of situations

• excellent written and verbal English communication skills.

At HEINEKEN Kraków, we take integrity and ethical conduct seriously. If someone has concerns about a possible violation of legal regulations indicated in Polish Whistleblowing Act or our Code of Business Conduct, we encourage them to speak up. Cases can be reported to global team or locally (in line with the local HGSS Whistleblowing procedure) by selecting proper option in this tool or by communicating it on hotline.

What we offer: