Share this Job
Apply now »

Technology Specialist - CDO

At D&T we are committed to making Heineken the most connected brewery. We digitize and integrate our processes to ensure first-class technology in the company. IT’s on us!

By joining us you will have a direct impact on building the future of Heineken!

We are looking for IT specialists who are passionate about constantly developing, who can work independently and find themselves in an international team, who share our values ​​and who like to relax with a beer at the end of a busy day.


Your responsibilities would include:


75% of your time will be spent doing Threat hunting activities and 25% of your time Incident Response activities


Threat hunter activities:

  • Mature HNK Threat hunting process by evolving and improving existing setup in terms of capabilities, process, and technologies
  • Prioritize future Hunts based on Threat intelligence and HNK environment risks together with the HNK TH committee
  • Research trending campaigns, attack vectors, and search for these in HNK environment
  • Hunt for new patterns, activities, and ever-changing tactics associated with advanced threat actors
  • Perform Hypothesis, IOC and analytics-based hunts in HNK environment
  • Perform Threat Hunting write-up that contains summary of actions performed, results discovered during the hunt, conclusions made and analyze those with the TH committee in HNK
  • When needed, work with alerts from the SOC Analysts, Incident response team or HNK Vulnerability management team, to perform in depth analysis and triage threat activity based on host and network activity, traffic, and protocol analysis to identify infection vectors, the extent of the infection, and prepare high quality reports based on findings



Incident responder/SOC analyst:

  • Being the first responders to higher priority incidents analyzing threats doing investigation and triage.
  • Coordination/alignment of broader SOC Analysts team and associated activity, with emphasis on real time proactive monitoring and incident response activity.
  • Provide remote incident response activities and advice, to support HEINEKEN operating companies during and immediately after security incidents.
  • Detect threats, investigate those threats, and respond to them in a timely fashion (operational threat hunting related to realized security incidents). Additionally, analysts may have responsibilities that involve implementing security measures as dictated by management.
  • Create and mature operational security processes, procedures and SOPs for incident response
  • Carry out in-depth investigation on Security events, raise incidents and support the Incident Management process.
  • Support creating security monitoring content
  • Occasionally be on-call to respond to incidents that arise outside of business hours.
  • Service management aspect – operationally oversee and coordinate third parties involved in incident response and security monitoring.


You are a good Candidate if:

  • 3+  years working experience in security operations center of international companies and with SIEM solutions
  • Bachelor degree or equivalent experience
  • Have a passion for security and enjoys solving problems
  • You understand the Agile mindset and have basic knowledge on working in a Scrum Team. You show end-to-end ownership on work that you do.
  • Excellent knowledge of English, written and verbal 
  • You have experience with outsourced managed services, using ITIL processes
  • Certifications such as CEH, CIR, CISM, CISA, CGEDIT, any of the OWASP  or similar


Content/Technical experience:

  • Operational experience with SIEM (Azure Sentinel)– Log Management, Vulnerability scanning and IPS/IDS technologies,
  • Operational experience with the Microsoft security stack (Defender(s) especially Microsoft Defender for Endpoints
  • Kusto query language knowledge (KQL)
  • Knowledge of industry standard security frameworks for information systems (NIST, ISO 27001/2, CSA, COBIT)
  • Basic familiarity with scripting programming e.g. Bash, PowerShell, Python and Jupyter notebooks
  • The Cyber Kill Chain & MITRE ATT&CK framework
  • Basic knowledge on security solutions (SSL, Remote Access, IPSEC, Reverse Proxy, IDS/IPS, Firewall, Multi Factor Authentication)
  • Knowledge of :
    • Penetration testing, Malware engineering
    • Offensive security specialist (e.g pen tester, ethical hacker, etc.)
    • Sysadmin skills (Linux/MAC/Windows)
    • Network admin skills
    • Network security administrator
    • Enabling services (e.g. NTP, SMTP, patching, Antivirus)
    • Server infrastructure (VMWare ESXi, storage, Azure, AWS)
    • basic cryptography knowledge (basic algorithm knowledge)
    • DB  security knowledge
    • authentication protocol


Soft Skills:

  • Being able to translate technical language into a story that can be understood, and cohesively present it back to  different  stakeholders with a clear message
  • Provide clear, concise and easily consumable communication with key technical and non-technical stakeholders
  • People skills: you can work with people of many different cultures and backgrounds.
  • Able to work in a complex and highly externalized environment
  • Interested in continuous self-development through training and learning on the job. Being curious about new developments and technologies; educating yourself.
  • Critical thinking and contextual analysis abilities;
  • Investigative and analytical problem solving skills;
  • Teamwork, can-do mentality;
  • Strong time management skills and willing to go above and beyond where required
  • Working in a highly dynamic environment, whit high pressure situations
  • Ability to take decisive action based on available information in a timely manner;
  • Ability to research and characterize security threats to include identification and classification of threat indicators;
  • Strong time management skills and willing to go above and beyond where required
  • Be passionate about mentoring and coaching junior resources, sharing knowledge
  • Having continuous improvement mentality that helps improve and grow the team

Job Segment: Engineer, Information Systems, Linux, Network, Engineering, Technology

Apply now »