
Technology Specialist - CDO

The Digital & Technology Team (D&T) is an integral division of HEINEKEN Global Shared Services Center. We are committed to making Heineken the most connected brewery. That includes digitalizing and integrating our processes, ensuring best-in-class technology, and embedding a data-driven culture. By joining us you will work in one of the most dynamic and innovative teams and have a direct impact on building the future of Heineken!

 

Would you like to meet the Team, see our office and much more? Visit our website: Heineken (heineken-dt.pl)

 

Your responsibilities would include:

 

  • being the first responder to higher-priority incidents: analyzing threats, investigating and triaging
  • coordinating/aligning the broader SOC Analysts team and associated activity, with emphasis on real-time proactive monitoring and incident response activity
  • providing remote incident response activities and advice, to support HEINEKEN operating companies during and immediately after security incidents
  • detecting threats, investigating those threats, and responding to them in a timely fashion (operational threat hunting related to realized security incidents). Additionally, analysts may have responsibilities that involve implementing security measures as dictated by management
  • creating and maturing operational security processes, procedures and SOPs for incident response
  • carrying out in-depth investigation of security events, raising incidents and supporting the Incident Management process
  • supporting creating security monitoring content
  • occasionally being on-call to respond to incidents that arise outside of business hours
  • service management aspect – operationally overseeing and coordinating third parties involved in incident response and security monitoring.

 
You are a good candidate if you have:

 

  • 3+ years of working experience in the security operations center of international companies and with SIEM solutions
  • a bachelor's degree or equivalent experience
  • a passion for security and enjoyment of solving problems
  • an understanding of the Agile mindset and basic knowledge of working in a Scrum Team. You show end-to-end ownership of the work that you do
  • excellent knowledge of English, written and verbal
  • experience with outsourced managed services, using ITIL processes
  • certifications such as CEH, CIR, CISM, CISA, CGEIT, any of the OWASP or similar are a plus
  • Incident Response framework practical experience.
     

Content/Technical experience:

 

  • operational experience with SIEM (Azure Sentinel) – Log Management, Vulnerability scanning and IPS/IDS technologies
  • operational experience with Incident Response activities, using EDR solutions on a daily basis
  • Kusto Query Language (KQL) knowledge
  • knowledge of industry standard security frameworks for information systems (NIST, ISO 27001/2, CSA, COBIT)
  • familiarity with scripting/programming, e.g. Bash, PowerShell, Python
  • the Cyber Kill Chain & MITRE ATT&CK framework
  • basic knowledge of security solutions (SSL, Remote Access, IPsec, Reverse Proxy, IDS/IPS, Firewall, Multi-Factor Authentication).

 

Knowledge of:

 

  • penetration testing, malware engineering
  • offensive security specialist (e.g. pen tester, ethical hacker, etc.)
  • sysadmin skills (Linux/Mac/Windows)
  • network admin skills
  • network security administrator
  • enabling services (e.g. NTP, SMTP, patching, Antivirus)
  • server infrastructure (VMWare ESXi, storage, Azure, AWS)
  • basic cryptography knowledge (basic algorithm knowledge)
  • DB knowledge
  • authentication protocol knowledge
  • operating systems internal workings knowledge.

 

Soft Skills:

 

  • being able to translate technical language into a story that can be understood, and cohesively present it back to different stakeholders with a clear message
  • providing clear, concise and easily consumable communication with key technical and non-technical stakeholders
  • people skills: you can work with people of many different cultures and backgrounds
  • being able to work in a complex and highly externalized environment
  • being interested in continuous self-development through training and learning on the job. Being curious about new developments and technologies; educating yourself
  • having critical thinking and contextual analysis abilities
  • having investigative and analytical problem-solving skills
  • teamwork, can-do mentality
  • strong time management skills and willingness to go above and beyond where required
  • working in a highly dynamic environment, with high-pressure situations
  • ability to take decisive action based on available information in a timely manner
  • ability to research and characterize security threats to include identification and classification of threat indicators
  • being passionate about mentoring and coaching junior resources, sharing knowledge
  • having a continuous improvement mentality that helps improve and grow the team.
     

