IT Security Manager

Requisition ID: 34871 

Molson Coors is a leading brewer with 18,000+ employees, 30+ breweries and 130+ beer brands, consumed in more than 50 countries. Our GBS history in Romania started in 2017, when Molson Coors Global Business Services was established in Bucharest, and since then we have become a 650 people strong organization and growing continuously.

We deliver centralized operations to our Molson Coors Business Units across the Globe in Finance, Master Data, Commercial, HR and IT Business Services. Our impressive brands portfolio across the world includes Miller Genuine Draft, Madri, Staropramen and Bergenbier.

Accountable for ensuring a secure IT environment at Molson Coors - EMEA APAC area. This is a key IT security management role responsible for defining, enforcing, and maintaining the IT Security standards, processes & procedures that ensure company data and information assets are protected in the area the role is responsible for.

Protection of company data and information assets encompasses the complete IT environment, i.e. hardware, software, data, cloud services and other IT/business assets. The IT Security Manager role is the process, standards and procedures subject matter expert in on how to identify and protect that environment, detect and respond to threats, and ensure it can be recovered in the event of a disaster or other critical incident.

This role will work closely  with global IT Security Team for overseeing the management of cyber risk and control programs including vulnerability management, 3rd party risk assessment, and the cyber security controls program within the EMEA&APAC business unit. Together with the global IT security team this role will ensure risks are clearly identified and triaged specific to the region and unique business requirements. 

Key Responsibilities:

• Provide technical expertise in security architecture, enterprise architecture, IT strategy, and security concepts related to networking, endpoint security, cloud technology, cyber attack techniques, and incident handling procedures. This requires deep domain knowledge in many technical areas, but also extends to business processes such as regulations, legal, and human resources processes.
• Is responsible for conducting risk audits and assessments, evaluating IT security plans for effectiveness, and integrating IT security policies with business operations.  The role is responsible for managing & executing the tactical and strategic plans to address  identified risks; coordinating with regional stakeholders, vendors and suppliers.
• Ensure that the organization’s information security program is compliant with regulatory requirements. The focus will be on the EMEA business region and should focus on EU, UK, and similar laws relating to cyber security, requiring analysis of controls in various jurisdictions, remits, and system scopes. This includes monitoring changes to regional regulatory requirements and ensuring that the organization’s information security program is updated accordingly. 
• Works with different departments in the organization to reduce risk; is able to evaluate vendor risk, examine vendor contracts or terms of service, and help different teams around the organization understand third-party risk and data privacy issues. This requires communicating technical issues to non-technical audiences as well as working outside the traditional function of Information Technology.

Skills and Relevant Work Experience:

• 5-8 years experience of information security management or program/project management within the IT Security field.
• Experience with cloud platforms (e.g., AWS, Azure, Google Cloud) and their security features.
• Knowledge of firewall configuration and management.
• Experience with intrusion detection systems (IDS) and intrusion prevention systems (IPS).
• Skilled in developing and enforcing security policies and procedures.
• Familiarity with regulatory requirements (e.g., GDPR, NIS2, SOX, PCI-DSS) and ensuring compliance.
• Understanding of vulnerability assessments and penetration testing and execution of management action plans for resolution of critical items.
• Experience defining and implementing security solutions, policies, and technologies relating to Identity Management, Information Protection etc., with experience in Business Continuity/ Disaster Recovery implementations and executions
• Excellent communication and interpersonal skills, especially in global multi-cultural context, including managing conflict, crisis communications, etc. Proficiency in communicating complex security concepts to non-technical stakeholders.
• Expertise in analyzing and interpreting threat intelligence and skills in conducting risk assessments and developing mitigation strategies. Ability to create detailed security reports and documentation. 

#LI-Hybrid

Molson Coors is an equal opportunity employer.  We invite applications from candidates of all backgrounds, race, color, religion, sex, national origin, age, disability, veteran status or any other characteristic. If you have a disability and believe you need a reasonable accommodation during the application or recruitment processes, please e-mail jobs@molsoncoors.com.