Cyber Security Officer - DampT - Heineken

Security Operations
o Implement global security strategies to maintain the continuity of systems and update these based on local threats.
Responsible for managing updates related to Global Function Security Standards that are required due to local legislative requirements in consultation with the Global Information Security Specialist in line with the HEINEKEN Security Strategy and supporting the HEINEKEN Business Strategy.
Responsible for Global Function security approvals regarding global services (e.g. HeiNet) to maintain the highest level of security for the information and IT assets of the company.
Assist the Global Information Security department in the design of controls/ standards and procedures that have broad implications requiring systems integration of one or more technical platforms.
Perform Risk reviews using the risk management procedure for all new Global Function programs/services to be deployed in the Global Function operational environment and veto programs that do not comply with HEINEKENs security standards.
o Monitor internal and external information security and cyber security policy compliance review and assess information security audits.
Performs as per the prescribed frequency the Information Security Maturity Assessment (ISMA) and ensures that all related evidence is available in support of the assessment.
Monitor and ensure the timely closure of tasks related to audit and internal control issues raised by e.g. Global Audit External Audit etc.
o Develop and manage the Information Security action plan to address identified risks and noncompliances.
Gains approval from the relevant management team on that action plan and its related budget.
Monitors and reports on the execution of that action plan reporting to the Global D&T Function management team and centrally to the Global Information Security Team.
Analyse and challenge derogation requests regarding the ISP/TSP that Global Functions could have with a new solution or program and communicate to the Global Information Security Team and Design Authority for approval in order to protect the HEINEKEN security environment.
o Drive resolution of cyber security incident responses and address security vulnerabilities.
Perform/guide/drive digital investigations upon the request of Global Function/HR or Legal teams in case of breaches of HEINEKENs Code of Business Conduct.
If the Global Function faces any critical IT security incidents or breakouts he/she is responsible as the Global Function security incident lead to resolve in consultation with the Cyber Defense Operations Team (CDO) Global Function D&T Directors and Global Function Line Managers.
Identify and perform independent analysis to resolve complex firsttime issues including the analysis of technical and economic feasibility of proposed security systems/ solutions. He/she is also responsible for assisting the Global Information Security department with any IT technical audit (e.g. Ethical Hack) of any Global Function IT infrastructure or
service a 3rd Party offers to HEINEKEN with a valid and open contract to ensure that security policies are in place.
Advises Global Function teams for security requirements (e.g. Patching AntiVirus Vulnerability Management etc).

• Security Awareness

o Drive training campaigns on cyber security awareness according to the global security awareness program and based on the Global Function reality.

• Security Strategy

o Responsible for identifying potential risks and recommendations on how to prevent and/or avoid those risks within the Global Function.
o Collaborate with the Global Information Security Specialist to understand and develop further the controls and processes required to improve information security.

• Innovation

o Accelerates and Drives implementation of new Security strategies and standards from global D&T towards the HEINEKEN Global Functions
o Provide security expertise across multiple technical platforms to various Global Function stakeholders in all phases of solutions development (Ideation Design build test and deploy) and Operations.

Experience/skills required:

• 5 years of working in the cyber security field and previous experience working as a cybersecurity officer or manager.
• Has worked with relevant market standards such as NIST ISO 27001 COBIT and relevant laws and regulations such as privacy laws.
• Experience in handling security incidents.
• Proven ability to dynamically assess risks threats & threat actors.
• Able to work in a crossfunctional environment; preferably with a background in the FMCG industry.
• Sense of Business Urgency and a safecautious mind to close critical gaps and reduce any security breaches.
• Ability to explain complex technical processes to business stakeholders.
• Flexibility to adjust to multiple demands shifting priorities ambiguity and rapid change.
• Ability to work and team with a multitude of different people and different cultures (as appropriate).
• Display professionalism customer service attitude attention to detail and quality.
• Possess strong interpersonal skills relationship management and negotiation skills and strong verbal and written communication skills.
• Develop self and others through continuous learning sharing best practices knowledge and expertise.
• Excellent management and leadership skills.