Technology Specialist - CDO

Digital & Technology Team (D&T) is an integral division of HEINEKEN Global Shared Services Center. We are committed to making Heineken the most connected brewery. That includes digitalizing and integrating our processes, ensuring best-in-class technology, and embedding a data-driven culture. By joining us you will work in one of the most dynamic and innovative teams and have a direct impact on building the future of Heineken!

Would you like to meet the Team, see our office and much more? Visit our website: Heineken (heineken-dt.pl)

The Vulnerability Management Analyst is part of the Cyber Defense and Operations Product Team, and is one of the professionals who do the work of delivering a potentially releasable increment of the product at the end of each sprint. Product Teams are structured and empowered by the organization to organize and manage their own work. The resulting synergy optimizes the Product Team’s overall efficiency and effectiveness.

The Cyber Defense and Operations (CDO) Product Team is a global team accountable for building a cyber resilient organization by acting as a first line of defense against cyber attacks and by educating the global organization on how to act and respond to security incidents to limit the business impact.

The CDO Product Team capabilities are aligned with the NIST frameworks and are grouped into (1) Defensive Capabilities as Monitoring, Detection, Vulnerability Management, Threat Intelligence; (2) Offensive Capabilities as Incident Response, Penetration Testing; (3) Threat Hunting Capabilities.

The CDO Product Team is a fast-growing team, working in a complex and challenging business environment and has an ambitious strategy to implement in the next years. In this context, the CDO Product Team is seeking to hire an experienced security vulnerability analyst, to be part of the core CDO team. We are searching for new team members who can achieve the exceptional by working collaboratively, who have the courage to risk new ways of doing things and the ability to see the bigger picture in protecting HEINEKEN.

Your responsibilities would include:

• driving a strong Vulnerability Management agenda to reduce or mitigate cybersecurity risks

• defining or refining Vulnerability Management processes across the enterprise, and ensuring stakeholders buy-in

• acting as a Subject Matter Expert with regards to Information Security vulnerabilities

• ensuring senior management’s visibility on vulnerabilities identification, remediation plans and risks status

• defining and measuring the necessary Vulnerability Management metrics

• combining the various sources of vulnerabilities information – pentests, scans, bug bounties, external researchers etc. – into one coherent picture

• driving the Vulnerability Management activities as part of a specialized Real-time Threat Management team, applying analytical, reasoning & specialized technical security expertise to investigate, isolate and track network and security vulnerabilities, identify and classify weakness and potential issues, filter out false-positives, aggregate vulnerabilities across assets to assign the appropriate priority and risk level

• supporting identification of vulnerabilities by enhancing vulnerability identification at process and technology level

• owning, managing, and maturing infrastructure vulnerability scanning process and tools and aligning with vulnerability identification KPIs

• supporting identification, triaging, assignment and remediation of vulnerabilities ensuring that vulnerability management lifecycle is followed

• acting as the Heineken counterpart in Service Management with our main supplier by being the first point of contact in case of escalations

• timely responding to security threats by collaborating with other security teams and providing effective remediation solution complemented by compensatory controls

• providing data driven insights into improvement opportunities for infrastructure vulnerability management process

• preparing reports for technical teams, compliance deliverables and executive management highlighting current status of infrastructure from vulnerability management perspective

• working with engineering teams for effective patch management by providing reports and vulnerability metrics

• providing support for infrastructure penetration testing

• driving the remediation process to ensure vulnerable assets are patched or remediated within agreed SLAs

• proactively researching new methods, tools, and strategies to effectively identify vulnerabilities

• facilitating service review sessions with HEINEKEN operating companies where current services are assessed and potential improvement areas are found

• looking for structural solutions over one-time quick fixes.

You are a good candidate if you have:

• 5+ years working experience in security operations and good level of understanding regarding systems security at both technical and procedural level

• understanding of infrastructure vulnerability scanning tools, EDR solutions

• understanding (technical aspects of) penetration testing and results (including scoping and organizing of pentests, use of vulnerability scanners, vulnerability management tools) and basic knowledge of web application vulnerabilities and standards

• understanding of IT fundamentals across networking (such as DNS, SNMP, DHCP, IPSEC etc.), system, and application layers

• bachelor degree or equivalent experience

• have a passion for security and enjoys solving problems

• you understand the Agile mindset and have knowledge on working in a Scrum Team 

• excellent knowledge of English, written and verbal

• you have experience with outsourced managed services, using ITIL processes

• certifications such as CEH, CIR, CISM, CISA, CGEDIT, any of the OWASP or similar

• knowledge of industry standard security frameworks for information systems (CVSS, CIS Benchmarking, OWASP, NIST, ISO 27001/2, CSA, COBIT)

• relevant technical solutions such as vulnerability management tooling (Nessus, Qualys, Defender for Endpoints)

• vulnerability remediation tools & techniques

• threat modelling experience

• system security (operating systems, applications), networking, and web applications

• Kusto Query Language knowledge (KQL)

• basic knowledge on security solutions (SSL, Remote Access, IPSEC, Reverse Proxy, IDS/IPS, Firewall, Multi Factor Authentication), practical knowledge on application security controls, and other infrastructure (e.g. Active Directory, DNS, IP Addressing, Azure AD)

• basic familiarity with scripting programming e.g. Bash, PowerShell, Python

• basic knowledge of: penetration testing, malware engineering, offensive security specialist (e.g. pen tester, ethical hacker, etc., sysadmin skills (Linux/MAC/Windows), network admin skills, network security administrator, enabling services (e.g. NTP, SMTP, patching, Antivirus), server infrastructure (VMWare ESXi, storage, Azure, AWS), basic cryptography knowledge (basic algorithm knowledge), DB knowledge, authentication protocol knowledge.

At HEINEKEN Kraków, we take integrity and ethical conduct seriously. If someone has concerns about a possible violation of legal regulations indicated in Polish Whistleblowing Act or our Code of Business Conduct, we encourage them to speak up. Cases can be reported to global team or locally (in line with the local HGSS Whistleblowing procedure) by selecting proper option in this tool or by communicating it on hotline.

#LI-KD1 #LI-HYBRID