#1 Job Board for tech industry in Europe

  • Job offers
  • Technology Specialist CDO (Platform Security Engineer)
    Security

    Technology Specialist CDO (Platform Security Engineer)

    Kraków
    Type of work
    Full-time
    Experience
    Senior
    Employment Type
    Permanent
    Operating mode
    Hybrid
    Heineken

    Heineken

    At HEINEKEN Krakow our Digital & Technology team is dedicated to enable the company to become the Best Connected Brewer through digitalizing and integrating our processes, ensuring best-in-class technology, and embedding a data-driven culture.

    Company profile

    Tech stack

      Azure Sentinel

      advanced

      Microsoft Deferender

      regular

      Azure

      regular

      Linux

      regular

    Job description

    Digital & Technology Team (D&T) is an integral division of HEINEKEN Global Shared Services Center. We are committed to making Heineken the most connected brewery. That includes digitalizing and integrating our processes, ensuring best-in-class technology, and embedding a data-driven culture. By joining us you will work in one of the most dynamic and innovative teams and have a direct impact on building the future of Heineken!


    Would you like to meet the Team, see our office and much more? Visit our website: Heineken (heineken-dt.pl)


    This role is part of the D&T department of HEINEKEN International and is located in Heineken Global Shared ServiceD&T is proud to bring cutting-edge innovation, strong technology, and advanced analytics to HEINEKEN. With speed and agility, we ensure HEINEKEN has the technological competitive advantages it needs to deliver on its ambition.


    The Platform Security Engineer is part of the Cyber Defense and Operations Tribe. It is one of the professionals who deliver a potentially releasable product increment at the end of each sprint. Product Teams are structured and empowered by the organization to organize and manage their work. The resulting synergy optimizes the Product Team’s overall efficiency and effectiveness. The Cyber Defense and Operations (CDO) Product Team is a global team accountable for building a cyber-resilient organization and this is achieved by acting as a first line of defense against cyber attacks and by educating the global organization on how to act and respond to security incidents to limit the business impact. The CDO Product Team capabilities are aligned with the NIST frameworks and are grouped into (1) Defensive Capabilities as Monitoring, Detection, Vulnerability Mng, and Threat Intelligence; (2) Offensive Capabilities as Incident Response and Penetration Testing; (3) Threat Hunting Capabilities.


    The CDO Product Team is a fast-growing team, working in a complex and challenging business environment and has an ambitious strategy to implement in the next years. In this context, the Cyber Defense Centre is seeking to hire an experienced platform security engineer with a passion for security architecture, to be part of the core CDO team.

     

    Your responsibilities would include:

     

    • fine-tuning the SIEM tools needed to identify and repel threats and working closely with other members of the team, especially if the system is under attack
    • supporting in EDR tool lifecycle management
    • maintaining tools, tools lifecycle, planning of rules and use case building, maintaining, retirement and improvements, maintaining software and infrastructure related to SIEM solutions, and updating systems
    • building the security architecture and systems, being part of the SIEM content development teams, and working with development operations teams to ensure that systems are up to date
    • documenting requirements, procedures, and protocols to ensure that other users have the right resources
    • working on DevSecOps pipelines and integrations to deploy and manage our defensive security stack.

     

    You are a good candidate if you have:

     

     

    • 5+ years of working experience as a security platform engineer
    • Bachelor's degree or equivalent experience
    • understanding of the Agile mindset and basic knowledge of working in a Scrum Team
    • excellent knowledge of English, written and verbal
    • experience with outsourced managed services, using ITIL processes
    • experience within the process control domain with a cyber security context
    • extensive knowledge of security engineering, Azure infrastructure, Linux security, containerized environments security, and/or cloud security
    • extensive knowledge of CICD in Azure
    • experience in automation, coding, and/or scripting using one or more of the following languages: Java, Perl, Python, Go, Ruby, Terraform, and/or similar is a plus
    • operational experience with SIEM (Azure Sentinel)– Log Management, Vulnerability scanning, and IPS/IDS technologies,
    • operational experience with the Microsoft Security Stack (Defender(s), especially MDE
    • Kusto query language knowledge (KQL)
    • experience with Azure Data Explorer and Azure Data Lake Storage
    • experience with working with ServiceNow is a plus
    • knowledge of industry-standard security frameworks for information systems (NIST, ISO 27001/2, CSA, COBIT)
    • extended knowledge of scripting programming e.g. Bash, PowerShell, Python
    • The Cyber Kill Chain & MITRE ATT&CK framework
    • basic knowledge of security solutions (SSL, Remote Access, IPSEC, Reverse Proxy, IDS/IPS, Firewall, Multi-Factor Authentication)
    • Intermediate knowledge of Penetration testing, Malware engineering, Offensive security specialist (e.g pen tester, ethical hacker, etc.), Sysadmin skills (Linux/MAC/Windows), Network admin skills, Network security administrator, Enabling services (e.g NTP, SMTP, patching, Antivirus), Server infrastructure (VMWare ESXi, storage, Azure, AWS), basic cryptography knowledge (basic algorithm knowledge), DB knowledge, authentication protocol knowledge
    • ability to translate technical language into a story that can be understood, and cohesively presented back to different stakeholders with a clear message
    • skill in providing clear, concise, and easily consumable communication with key technical and non-technical stakeholders
    • ability to with people of many different cultures and backgrounds
    • ability to work in a complex and highly externalized environment
    • interest in continuous self-development through training and learning on the job, and curiosity about new developments and technologies; educating yourself
    • critical thinking and contextual analysis abilities
    • investigative and analytical problem-solving skills
    • teamwork, can-do mentality
    • strong time management skills and willingness to go above and beyond where required
    • working in a highly dynamic environment, with high-pressure situations
    • ability to take decisive action based on available information in a timely manner
    • ability to research and characterize security threats to include identification and classification of threat indicators
    • being passionate about mentoring and coaching junior resources, sharing knowledge
    • continuous improvement mentality that helps improve and grow the team.




    We Offer:

    • 🏠 Flexible Work from Home scheme
    • 💸 Attractive Performance Bonus
    • 🚗 Parking Space for Employees
    • ⏰ Flexible working hours
    • 💳 Sodexo Card
    • ☂ Life Insurance
    • ➕ Employee Referral Programme
    • 🌐 Job Opportunities within HEINEKEN
    • 🩺 Private Medical Healthcare
    • ⭐ Social Events



    Check similar offers

    Cyber Security Architect

    New
    Fujitsu Technology Solutions Sp. z o.o.
    Undisclosed Salary
    Łódź
    , Fully remote
    Fully remote
    Vulnerability
    IAM
    Architecture

    Senior Security Engineer

    New
    SCALO
    6.61K - 6.98K USD
    Wrocław
    , Fully remote
    Fully remote
    Kubernetes
    Java
    Python

    Cyber Security Data Protection Consultant

    New
    Upvanta
    Undisclosed Salary
    Kraków
    , Fully remote
    Fully remote
    Data
    Cloud
    Security

    Pentester

    New
    Exatel S.A.
    Undisclosed Salary
    Warszawa
    , Fully remote
    Fully remote
    penetration testing
    IT Security

    IT Security Analyst (EDR)

    New
    ArcelorMittal BCOE
    Undisclosed Salary
    Warszawa
    , Fully remote
    Fully remote
    Security tools
    EDR
    SIEM