Technology Specialist CDO - The Cyber Security SME
Wieliczka, Wieliczka, Lesser Poland Voivodeship, Poland
HEINEKEN Global Shared Services
16. 3. 2025
Job information

technologies-expected :


  • Microsoft Azure
  • AWS

technologies-optional :


  • Java
  • Perl
  • Python
  • Go
  • Ruby
  • Terraform

about-project :


  • The Cyber Security SME is part of the Cyber Defense and Operations Product Tribe, and is one of the professionals who do the work of delivering a potentially releasable increment of the product at the end of each sprint. Product Teams are structured and empowered by the organization to organize and manage their own work. The resulting synergy optimizes the Product Team's overall efficiency and effectiveness.
  • The Cyber Defense and Operations (CDO) Threat Response Product Team is a global team accountable for building a cyber resilient organization by acting as a first line of defense against cyber attacks and by educating the global organization on how to act and respond to security incidents to limit the business impact.
  • The CDO Threat Response Product Team capabilities are aligned with the NIST frameworks and are grouped into (1) Defensive Capabilities as Monitoring, Detection, Vulnerability Mng, Threat Intelligence; (2) Offensive Capabilities as Incident Response, Penetration Testing; (3) Threat Hunting Capabilities.
  • The CDO Product Team is a fast-growing team, working in a complex and challenging business environment, and has an ambitious strategy to implement in the next years. In this context, the Cyber Defense Centre is seeking to hire an experienced security analyst and incident responder, to be part of the core CDO team.

responsibilities :


  • working closely with other members of the team, especially if the system is under attack
  • supporting the first responders to higher priority incidents, analyzing threats, doing investigation and triage
  • documenting requirements, procedures, and protocols to ensure that other users have the right resources
  • coordinating/aligning of broader SOC Analysts team and associated activity, with emphasis on real time proactive monitoring and incident response activity
  • providing remote incident response activities and advice, to support HEINEKEN operating companies during and immediately after security incidents
  • detecting threats, investigating those threats, and responding to them in a timely manner (operational threat hunting related to realized security incidents)
  • developing and improving operational security processes, procedures, and standard operating procedures (SOPs) for incident response
  • conducting in-depth investigations of security events, escalating incidents, and supporting the incident management process
  • creating and refining security monitoring content
  • being on-call to respond to incidents that arise outside of business hours (occasionally)
  • managing service-related aspects by overseeing and coordinating with third parties involved in incident response and security monitoring
  • building security architectures and systems, as well as contributing to SIEM content development teams
  • collaborating with development and operations teams to ensure systems remain up to date

requirements-expected :


  • 3+ years working experience in security operations center of international companies and with SIEM solutions
  • bachelor degree or equivalent experience
  • have a passion for security and enjoy solving problems
  • you understand the Agile mindset and have basic knowledge on working in a Scrum Team. You show end-to-end ownership on work that you do
  • you have experience with outsourced managed services, using ITIL processes, certifications such as CEH, CIR, CISM, CISA, CGEDIT, any of the OWASP or similar are a plus
  • incident response framework practical experience
  • extensive Kusto query language knowledge (KQL)
  • operational experience with SIEM (Azure Sentinel) - Log Management, Vulnerability scanning and IPS/IDS technologies
  • knowledge of security engineering, Cloud Provider infrastructure, Linux security, containerized environments security, and/or cloud security
  • operational experience with Incident Response activities, using EDR solutions on daily basis
  • knowledge of industry standard security frameworks for information systems (NIST, ISO 27001/2, CSA, COBIT)
  • the Cyber Kill Chain & MITRE ATT&CK framework
  • knowledge on security solutions (SSL, Remote Access, IPSEC, Reverse Proxy, IDS/IPS, Firewall, Multi Factor Authentication)
  • penetration testing, Malware engineering
  • offensive security specialist (e.g. pen tester, ethical hacker, etc.)
  • sysadmin skills (Linux/MAC/Windows)
  • network admin skills
  • network security administrator
  • enabling services (e.g. NTP, SMTP, patching, Antivirus)
  • server infrastructure (VMWare ESXi, storage, Azure, AWS)
  • DB knowledge
  • authentication protocol knowledge
  • operating systems internal workings knowledge/understanding
  • excellent knowledge of English
  • being able to translate technical language into a story that can be understood, and cohesively present it back to different stakeholders with a clear message
  • providing clear, concise communication with key technical and non-technical stakeholders
  • working in a complex and highly externalized environment
  • strong time management skills and willing to go above and beyond where required
  • working in a highly dynamic environment, with high pressure situations
  • ability to research and characterize security threats to include identification and classification of threat indicators
  • willing to go above and beyond where required
  • be passionate about mentoring and coaching junior resources
  • having continuous improvement mentality that helps improve and grow the team

offered :


  • Hybrid ways of working
  • Private medical healthcare
  • Attractive performance bonus
  • Sodexo pre-paid card
  • Life insurance
  • Employee referral program
  • Wide range of trainings
  • Local and global job opportunities within HEINEKEN
  • Parking space
  • Open bar once a week
  • We are ACCA Approved Employer

benefits :


  • sharing the costs of sports activities
  • private medical care
  • life insurance
  • remote work opportunities
  • integration events
  • corporate sports team
  • parking space for employees
  • extra social benefits
  • pre-paid cards
  • Christmas gifts
  • employee referral program
  • charity initiatives
  • flexible work from home scheme after pandemic/lockdown
  • open bar on Fridays
