Technology Specialist - Security

At HEINEKEN Kraków (HEINEKEN Global Shared Services) our success comes directly from our great people. We are a growing team of business experts in finance, accounting, data and technology ready to „WOW” the world with our expertise, passion and pride to be GREEN.

We act on our values of Passion for consumers & customers, Courage to dream & pioneer, Care for people & planet, Enjoyment of Life, always focused on being ourselves: inclusive, diverse, and open for new challenges.

Your responsibilities would include:

• Assist with the design, development, and implementation of security measures for solutions deployed into various cloud, hybrid, and on-premises systems in HEINEKEN environment.
• Ensure security by design principles are upheld in the implemented products
• Ensure embedding of joint security responsibility models definition related to federated governance systems
• Thoroughly document security decisions and implementations,
• Provide input and feedback on security architectures/setup/configuration
• Perform risk assessments on new resource/application/functionality implemented in the infrastructure platforms
• Participate in the Security Chapter and help embed security by design mindset into the HEINEKEN organization
• Ensure performance and automation of compliance and security controls
• Support product teams and their architects in security decisions related to the product platforms
• Support in automating continuous security testing for the product platforms
• Support in resolving any security related audit or compliancy issue
• Support Portfolio Owner in vocalizing the identified risks and drive the planning and implementation of mitigating solutions 

You are a good candidate if you:

• Have 5+ years working experience as an accomplished infrastructure engineer
• Have 3+ years working experience in operational or ‘by design’ security roles and an advanced level of 
• Have understanding regarding systems security, at levels both technical and procedural 
• Have Bachelor’s degree or equivalent experience
• You show end-to-end ownership on work that you do
• Have Excellent knowledge of English, written and verbal 
• You have experience with outsourced managed services, using ITIL processes
• You possess a solid understanding and have experience with systems automation platforms and technologies
• You look for structural solutions over one-time quick fixes
• You have experience representing technical viewpoints to diverse audiences and in making Yputimely and prudent technical risk decisions
• You have certifications such as CEH, CIR, CISM, CISA, CGEDIT, any of the OWASP or similar are a plus

Content/Technical experience: 

• Knowledge of industry standard security frameworks for information systems (CVSS, CIS Benchmarking, OWASP, NIST, ISO 27001/2, CSA, COBIT)
• Familiarity with scripting programming e.g. Bash, PowerShell, Python
• Experience in automation, coding and/or scripting using one or more of the following languages: Java, Perl, Python, Go, Ruby, Terraform and/or similar is a plus

Knowledge of :

• Common and industry standard cloud-native/cloud-friendly authentication mechanisms (OAuth, OpenID, etc.).
• Identity and access management
• Securing domain infrastructures, e.g.: Active Directory, Azure AD
• System security (operating systems, applications), networking, and web applications
• Enabling services (e.g. NTP, SMTP, patching, Antivirus, etc.)
• Server infrastructure (VMWare ESXi, storage, Azure, AWS)
• Cryptography knowledge (basic algorithm knowledge)
• DB security knowledge
• Authentication protocols knowledge
• Key storage solutions, security monitoring solutions (e.g. Splunk), SSO, security solutions 
• (SSL, Remote Access, IPSEC, Reverse Proxy, IDS/IPS, Firewall)

Soft Skills:

• Being able to translate technical language into a story that can be understood, and cohesively present it back to different stakeholders with a clear message
• Provide clear, concise, and easily consumable communication with key technical and nontechnical stakeholders 
• Being able to work in an environment with already existing strong opinions on some common topics, while making your own voice hear
• Can work with people of many different cultures and backgrounds. 
• Able to work in a complex and somewhat externalized environment
• Interested in continuous self-development through training and learning on the job. Being curious about new developments and technologies; educating yourself
• Investigative and analytical problem-solving skills
• Teamwork, can-do mentality
• Be passionate about mentoring and coaching junior resources, sharing knowledge
• Having continuous improvement mentality that helps improve and grow the tea

Would you like to meet the Team, see our office and much more? Visit our website: Heineken (heineken-dt.pl)