Technology Specialist - Security
Digital & Technology Team (D&T) is an integral division of HEINEKEN Global Shared Services Center. We are committed to making Heineken the most connected brewery. That includes digitalizing and integrating our processes, ensuring best-in-class technology, and embedding a data-driven culture. By joining us you will work in one of the most dynamic and innovative teams and have a direct impact on building the future of Heineken!
Would you like to meet the Team, see our office and much more? Visit our website: Heineken (heineken-dt.pl)
Your responsibilities would include:
- designing, developing and implementing security measures for solutions deployed into various cloud, hybrid, and on-premise systems in the HEINEKEN environment
- ensuring security by design principles are upheld in the implemented products
- ensuring embedding of joint security responsibility models definition related to federated governance systems
- providing input and feedback on security architectures/setup/configuration
- performing risk assessments on any new resource/application/functionality implemented in the cloud platforms
- participating in the Security and Quality assurance chapter and helping embed a security by design mindset into the HEINEKEN organization
- ensuring performance and automation of compliance and security controls
- supporting product teams in security decisions related to the product platforms
- supporting in automating continuous security testing for the product platforms
- supporting in resolving any security-related audit or compliance issues.
You are a good candidate if you have:
- 1-3 years working experience in security operations and advanced level of understanding regarding systems security at both technical and procedural level
- operational experience in securing one or more of the following solutions:
o low/no-code platforms
o robotics process automation (e.g. UiPath)
o integration and middleware platforms (Boomi, API Connect, SAP PO)
o SDLC tools (e.g. Azure DevOps, Confluence, Zephyr, SonarQube)
o Microsoft Power Platform
- a solid understanding of and experience with systems automation platforms and technologies
- certifications such as CEH, CIR, CISM, CISA, CGEIT, any of the OWASP or similar are a plus
- knowledge of industry standard security frameworks for information systems (NIST, ISO 27001/2, CSA, COBIT), the Cyber Kill Chain & MITRE ATT&CK framework
- ability to translate technical language into a story that can be understood, and cohesively present it back to different stakeholders with a clear message
- bachelor’s degree or equivalent experience
- passion for security and enjoyment of solving problems
- an understanding of the Agile mindset and basic knowledge of working in a Scrum Team. You show end-to-end ownership of the work that you do.
- excellent knowledge of English, written and verbal
- experience with outsourced managed services
- experience representing technical viewpoints to diverse audiences and in making timely and prudent technical risk decisions
Content/Technical experience:
- knowledge of industry-standard security frameworks for information systems (CVSS, CIS Benchmarking, OWASP, NIST, ISO 27001/2, CSA, COBIT)
- relevant technical knowledge on securing platforms/solutions such as robotics automation platforms, low/no-code platforms, integration and middleware (for a complete list see section above).
Basic knowledge of:
- working knowledge of common and industry standard cloud-native/cloud-friendly authentication mechanisms (OAuth, OpenID, etc.).
- identity and access management
- securing other infrastructure (e.g. Active Directory, Azure AD)
- system security (operating systems, applications), networking, and web applications
- enabling services (e.g. NTP, SMTP, patching, Antivirus)
- server infrastructure (VMWare ESXi, storage, Azure, AWS)
- basic cryptography knowledge (basic algorithm knowledge)
- DB security knowledge
- authentication protocol knowledge
- key storage solutions, security monitoring solutions (e.g. Splunk), SSO, security solutions (SSL, Remote Access, IPSEC, Reverse Proxy, IDS/IPS, Firewall)
We Offer: