Technology Specialist CDO
Digital & Technology Team (D&T) is an integral division of HEINEKEN Global Shared Services Center. We are committed to making Heineken the most connected brewery. That includes digitalizing and integrating our processes, ensuring best-in-class technology, and embedding a data-driven culture. By joining us you will work in one of the most dynamic and innovative teams and have a direct impact on building the future of Heineken!
Would you like to meet the Team, see our office and much more? Visit our website: Heineken (heineken-dt.pl)
Your responsibilities would include:
- upholding Vulnerability Management processes across the enterprise, and ensure stakeholders buy-in
- act as a subject matter expert with regards to Information Security vulnerabilities
- defining and measuring the necessary Vulnerability Management metrics
- combing the various sources of vulnerabilities information – pentests, scans, bug bounties, external researchers etc. – into one coherent picture
- driving the Vulnerability Management activities as part of a specialized Real-time Threat Management team. This includes applying your analytical, reasoning & specialized technical security expertise to investigate, isolate and track network and security vulnerabilities, identify and classify weakness and potential issues, filter out false-positives, aggregate vulnerabilities across assets to assign the appropriate priority and risk level
- supporting identification of vulnerabilities by enhancing vulnerability identification at process and technology level
- owning, managing, and maturing infrastructure vulnerability scanning process and tools and align with vulnerability identification KPIs
- supporting identification, triaging, assignment and remediation of vulnerabilities ensuring that vulnerability management lifecycle is followed
- timely responding to security threats by collaboration with other security teams and provide effective remediation solution complemented by compensatory controls
- providing data driven insights into improvement opportunities for infrastructure vulnerability management process
- preparing reports for technical teams, compliance deliverables and executive management highlighting current status of infrastructure from vulnerability management perspective.
- driving the remediation process to ensure vulnerable assets are patched or remediated within agreed SLAs
- proactively researching new methods, tools, and strategies to effectively identify vulnerabilities
- looking for structural solutions over one-time quick fixes.
You are a good candidate if you have:
- knowledge of industry standard security frameworks for information systems (CVSS, CIS Benchmarking, OWASP , NIST, ISO 27001/2, CSA, COBIT)
- basic familiarity with scripting programming e.g. Bash, PowerShell, Python
- relevant expertise in working with vulnerability management tooling (Tenable, EASM, Defender for Endpoints)
- knowledge of vulnerability remediation tools & techniques
- knowledge of system security (operating systems, applications), networking, and web applications.
You are a perfect match if you also have:
- familiarity with ServiceNow SecopsVR
- kusto query language knowledge (KQL).
🔎 What we offer:
🏠 Flexible Work from Home scheme
💸 Attractive Performance Bonus
🚗 Parking Space for Employees
⏰ Flexible working hours
💳 Sodexo Card
☂ Life Insurance
➕ Employee Referral Programme
🌐 Job Opportunities within HEINEKEN
🩺 Private Medical Healthcare
⭐ Social Events