Digital & Technology Team (D&T) is an integral division of HEINEKEN Global Shared Services Center. We are committed to making Heineken the most connected brewery. That includes digitalizing and integrating our processes, ensuring best-in-class technology, and embedding a data-driven culture. By joining us you will work in one of the most dynamic and innovative teams and have a direct impact on building the future of Heineken!
Would you like to meet the Team, see our office and much more? Visit our website: Heineken (heineken-dt.pl)
The SCC Security Specialist is responsible for supporting Security Business Impact and Security Assessments for HEINEKEN Global Functions, as well as advising on and implementing required security governance, controls, and activities in line with HEINEKEN's risk appetite.
Your responsibilities would include:
supporting Central D&T Product Teams, Global Functions and Asset Owners with the execution and completion of Business Impact Assessments and Security Assessments
supporting Global Functions with the selection, design and implementation of security requirements and controls of their digital solutions
developing and maintaining dashboard for Business Impact Assessments and Security Assessments, maintaining the Assessment funnel based on priority and planning assessments based on expiration of the assessment
periodically verifying ABACUS – OneTrust Synchronisation
supporting with writing, updating and reviewing the policies in the Security Policy House
maintaining awareness of emerging security industry trends, best practices and evaluating them for applicability
identifying potential security threats, vulnerabilities and risks, and proposing mitigations
supporting Product Teams and Global Functions to identify and drive opportunities to increase the efficiency of information security.
You are a good candidate if you:
Bachelor's or Master’s degree, preferably in Computer Science, AI, Data Science, or a related technical field
qualification in at least some of the following qualifications or their equivalent: CISSP, CISM, ISSMP, CISA, CIA, CSTA, CSTP, CIIP, CFIP, CSIS, CMI, CWSA
5+ years of experience in the cybersecurity / IT audit field and previous experience working as a cybersecurity officer/manager
ability to identify and drive opportunities to increase the efficiency of information security
knowledge of standards such as NIST, ISO2700, IEC62443
experience with business impact and security assessments
experience as a cybersecurity ambassador by supporting, informing, and communicating information security & risk requirements to the product teams and global functions
ability to explain cybersecurity governance and its processes to business stakeholders
ability to recognize problems, identify possible causes and resolve problems
ability to work and team with a multitude of different people and different cultures
flexibility to adjust to multiple demands, shifting priorities, ambiguity, and rapid change
strong analytical and reporting skills
demonstrated ability to write reports, procedures, policies, and communicate effectively in a variety of situations
excellent written and verbal English communication skills.
At HEINEKEN Kraków, we take integrity and ethical conduct seriously. If someone has concerns about a possible violation of legal regulations indicated in Polish Whistleblowing Act or our Code of Business Conduct, we encourage them to speak up. Cases can be reported to global team or locally (in line with the local HGSS Whistleblowing procedure) by selecting proper option in this tool or by communicating it on hotline.
#LI-AK1 #LI-HYBRIDWhat we offer: