Share this Job
Apply now »

Technology Specialist - Security

At D&T we are committed to making Heineken the most connected brewery. We digitize and integrate our processes to ensure first-class technology in the company. IT’s on us!

By joining us you will have a direct impact on building the future of Heineken!

We are looking for IT specialists who are passionate about constantly developing, who can work independently and find themselves in an international team, who share our values ​​and who like to relax with a beer at the end of a busy day.

 

Your responsibilities would include:

 

  • The Security technical specialist will assist with the design, development and implementation of security measures for solutions deployed into various cloud, hybrid, and on-premise systems in HEINEKEN environment. 
  • Ensure security by design principles are upheld in the implemented products
  • Ensure embedding of joint security responsibility models definition related to federated governance systems
  • Thoroughly document security decisions and implementations,
  • Provide input and feedback on security architectures/setup/configuration
  • Perform risk assessments on any new resource/application/functionality implemented in the cloud platforms
  • Participate in the Security and Quality assurance chapter and help embed security by design mindset into the HEINEKEN organization
  • Ensure performance and automation of compliance and security controls
  • Support product teams in security decisions related to the product platforms
  • Support in automating continuous security testing for the product platforms
  • Support in resolving any security related audit or compliancy issues

 

You are a good candidate if:

 

  • 1-3 years working experience in security operations and advanced level of understanding regarding systems security at both technical and procedural level
  • Operational experience in securing one or more of the following solutions;
    • low /no-code platforms
    • Robotics process automation (e.g. UiPath)
    • Integration and middleware platforms (Boomi, API Connect, SAP PO)
    • SLDC Tools (E.g. AzureDevOps, Confluence, Zephyr, SonarQube)
    • Microsoft Powerplatforms
  • Possess a solid understanding and have experience with systems automation platforms and technologies.
  • Certifications such as CEH, CIR, CISM, CISA, CGEDIT, any of the OWASP or similar are a plus
  • Knowledge of industry standard security frameworks for information systems (NIST, ISO 27001/2, CSA, COBIT), the Cyber Kill Chain & MITRE ATT&CK framework
  • Being able to translate technical language into a story that can be understood, and cohesively present it back to different stakeholders with a clear message
  • Bachelor’s degree or equivalent experience
  • Have a passion for security and enjoys solving problems
  • You understand the Agile mindset and have basic knowledge on working in a Scrum Team. You show end-to-end ownership on work that you do.
  • Excellent knowledge of English, written and verbal 
  • You have experience with outsourced managed services
  • You look for structural solutions over one-time quick fixes.
  • Experience representing technical viewpoints to diverse audiences and in making timely and prudent technical risk decisions.

 

Content/Technical experience:

 

  • Knowledge of industry-standard security frameworks for information systems (CVSS, CIS Benchmarking, OWASP, NIST, ISO 27001/2, CSA, COBIT)
  • Relevant technical knowledge on securing platforms/solutions such as robotics automation platforms, low/no-code platforms, integration and middleware (for a complete list see section above).
  • Basic knowledge of:
    • Working knowledge of common and industry standard cloud-native/cloud-friendly authentication mechanisms (OAuth, OpenID, etc.).
    • Identity and access management
    • Securing other infrastructure. E.g.: Active Directory, Azure AD)
    • System security (operating systems, applications), networking, and web applications
    • Enabling services (e.g. NTP, SMTP, patching, Antivirus)
    • Server infrastructure (VMWare ESXi, storage, Azure, AWS)
    • basic cryptography knowledge (basic algorithm knowledge)
    • DB security knowledge
    • authentication protocol knowledge
    • Key storage solutions, security monitoring solutions (e.g. Splunk), SSO, security solutions (SSL, Remote Access, IPSEC, Reverse Proxy, IDS/IPS, Firewall)


Job Segment: Information Systems, Middleware, Quality Assurance, Network, SAP, Technology

Apply now »