Cybersecurity Chapter Lead

The Digital & Technology Team (D&T) is an integral division of HEINEKEN Global Shared Services Center. We are committed to making Heineken the most connected brewery. That includes digitalizing and integrating our processes, ensuring best-in-class technology, and embedding a data-driven culture. By joining us you will work in one of the most dynamic and innovative teams and have a direct impact on building the future of Heineken!

Would you like to meet the Team, see our office, and much more? Visit our website: Heineken (heineken-dt.pl)

The Chapter Lead Cybersecurity acts both as a line manager for cybersecurity professionals and as a subject matter expert for the cybersecurity domain within the D&T Support functions of the organization. This role remains embedded in a Product Team but is primarily accountable for ensuring the robust implementation and management of cybersecurity controls, practices, and compliance across all enabling and support areas (e.g., ERPs, Finance, Procurement, People, Legal, and Corporate Affairs).

The Chapter Lead is responsible for translating and actioning the strategic direction, policies, and governance frameworks designed by the Global Information Security (GIS) team. They ensure these are operationalized effectively to deliver a secure and compliant technology environment.

Your responsibilities would include:

• leading and developing a team of cybersecurity professionals supporting various enabling (support) functions

• fostering a high-performing and collaborative culture that encourages innovation, knowledge sharing, and continuous development

• aligning chapter members’ skills and growth with organizational needs and individual aspirations

• translating global cybersecurity strategy, policies, and governance frameworks into actionable plans within the domain of support functions

• ensuring cybersecurity is embedded in all digital initiatives and projects within the enabling functions

• identifying, assessing, and managing cybersecurity risks related to systems, data, and processes across support domains

• driving continuous improvement in control effectiveness, risk mitigation, and audit readiness

• ensuring compliance with regulatory and internal policy requirements, including data protection (e.g. GDPR) and business continuity

• promoting the use of automation and modern technologies to streamline cybersecurity processes such as threat detection, incident response, compliance checks, and reporting

• identifying and implementing opportunities for integrating cybersecurity automation into daily operations and workflows.

You are a good candidate if you have:

• Bachelor's or Master’s degree in Information Security or a relevant subject

• 7+ years of working experience in a similar environment

• Support for other CSOs

• 5+ years of experience working in agile teams in multi-cultural environments

• 5+ years of working with senior business stakeholders, influencing and working with Operating Companies

• experience in technical disciplines in relation to Information and Cyber Security management

• experience of working with relevant standards such as ISO 27001, COBiT and relevant laws and regulations such as privacy laws, including GDPR

• experience in managing audit and control processes within a technology context

• ability to work in a cross-functional environment and preferably experience in FMCG

• capable of managing multiple conflicting priorities and deadlines in a matrix environment with rapid change

• good interpersonal skills, oral and written communication skills, relationship management, and influencing skills

• ability to build and leverage personal and professional networks

• working within a local and global matrix context

• strong attention to detail, independent judgment, and decision-making

• experienced in self-developing through continuous learning, sharing best practices, knowledge, and expertise

• proficiency in English (at least B2 level).

You are a perfect match if you also have:

• certification in a relevant IT Security discipline (e.g., CISA, CISM, CISSP, CEH)
• certification or formal training in ITIL

At HEINEKEN Kraków, we take integrity and ethical conduct seriously. If someone has concerns about a possible violation of legal regulations indicated in the Polish Whistleblowing Act or our Code of Business Conduct, we encourage them to speak.up. Cases can be reported to the global team or locally (in line with the local HGSS Whistleblowing procedure) by selecting the proper option in this tool or by communicating it on the hotline. #LI-HYBRID