This role is part of the D&T department of HEINEKEN International and is located in Heineken Global Shared Service. D&T is proud to bring cutting-edge innovation, strong technology, and advanced analytics to HEINEKEN. With speed and agility, we ensure HEINEKEN has the technological competitive advantages it needs to deliver on its ambition.
The Platform Security Engineer is part of the Cyber Defense and Operations Tribe and is one of the professionals who deliver a potentially releasable product increment at the end of each sprint. Product Teams are structured and empowered by the organization to organize and manage their work. The resulting synergy optimizes the Product Teams' overall efficiency and effectiveness. The Cyber Defense and Operations (CDO) Product Team is a global team accountable for building a cyber-resilient organization. It achieves this by acting as a first line of defense against cyber attacks and by educating the global organization on how to act and respond to security incidents to limit the business impact. The CDO Product Team capabilities are aligned with the NIST frameworks and are grouped into (1) Defensive Capabilities such as Monitoring, Detection, Vulnerability Management, and Threat Intelligence; (2) Offensive Capabilities such as Incident Response and Penetration Testing; (3) Threat Hunting Capabilities.
The CDO Product Team is a fast-growing team that works in a complex and challenging business environment and has an ambitious strategy to implement in the coming years. In this context, the Cyber Defense Centre is seeking to hire an experienced platform security engineer with a passion for security architecture, to be part of the core CDO team.
responsibilities :
fine-tuning the SIEM tools needed to identify and repel threats and working closely with other members of the team, especially if the system is under attack
supporting EDR tool lifecycle management
maintaining tools and their lifecycle; planning rules and use cases, including building, maintaining, retiring, and improving them; maintaining software and infrastructure related to SIEM solutions; and updating systems
building the security architecture and systems, being part of the SIEM content development teams, and working with development operations teams to ensure that systems are up to date
documenting requirements, procedures, and protocols to ensure that other users have the right resources
working on DevSecOps pipelines and integrations to deploy and manage our defensive security stack
requirements-expected :
5+ years of working experience as a security platform engineer
Bachelor's degree or equivalent experience
understanding of the Agile mindset and basic knowledge of working in a Scrum Team
excellent knowledge of English, written and verbal
experience with outsourced managed services, using ITIL processes
experience within the process control domain with a cyber security context
extensive knowledge of security engineering, Azure infrastructure, Linux security, containerized environments security, and/or cloud security
extensive knowledge of CI/CD in Azure
experience in automation, coding, and/or scripting using one or more of the following languages: Java, Perl, Python, Go, Ruby, Terraform, and/or similar is a plus
operational experience with SIEM (Azure Sentinel) - Log Management, Vulnerability scanning, and IPS/IDS technologies
operational experience with the Microsoft Security Stack (Defender(s), especially MDE)
Kusto query language knowledge (KQL)
experience with Azure Data Explorer and Azure Data Lake Storage
experience with working with ServiceNow is a plus
knowledge of industry-standard security frameworks for information systems (NIST, ISO 27001/2, CSA, COBIT)
extended knowledge of scripting and programming, e.g. Bash, PowerShell, Python
ability to translate technical language into a story that can be understood, and cohesively presented back to different stakeholders with a clear message
skill in providing clear, concise, and easily consumable communication with key technical and non-technical stakeholders
ability to work with people of many different cultures and backgrounds
ability to work in a complex and highly externalized environment
interest in continuous self-development through training and learning on the job, and curiosity about new developments and technologies; educating yourself
critical thinking and contextual analysis abilities
investigative and analytical problem-solving skills
teamwork, can-do mentality
strong time management skills and willingness to go above and beyond where required
working in a highly dynamic environment, with high-pressure situations
ability to take decisive action based on available information in a timely manner
ability to research and characterize security threats to include identification and classification of threat indicators
being passionate about mentoring and coaching junior resources, sharing knowledge
continuous improvement mentality that helps improve and grow the team
offered :
Hybrid ways of working
Private medical healthcare
Attractive performance bonus
Sodexo pre-paid card
Life insurance
Employee referral program
Wide range of trainings
Local and global job opportunities within HEINEKEN
Parking space
Open bar once a week
We are an ACCA Approved Employer
benefits :
sharing the costs of sports activities
private medical care
life insurance
remote work opportunities
integration events
corporate sports team
parking space for employees
extra social benefits
pre-paid cards
Christmas gifts
employee referral program
charity initiatives
flexible work from home scheme after pandemic/lockdown