This role is part of the D&T department of HEINEKEN International and is located in Heineken Global Shared Service. D&T is proud to bring cutting-edge innovation, strong technology and advanced analytics to HEINEKEN. With speed and agility, we ensure HEINEKEN has the technological competitive advantages it needs to deliver on its ambition.

The Platform Security Engineer is part of the Cyber Defense and Operations Product Team, and is one of the professionals who do the work of delivering a potentially releasable increment of the product at the end of each sprint. Product Teams are structured and empowered by the organization to organize and manage their own work. The resulting synergy optimizes the Product Team’s overall efficiency and effectiveness.

The Cyber Defense and Operations (CDO) Product Team is a global team accountable for building a cyber resilient organization and this is achieved by acting as a first line of defense against cyber attacks and by educating the global organization on how to act and respond to security incidents to limit the business impact.

The CDO Product Team capabilities are aligned with the NIST frameworks and are grouped into (1) Defensive Capabilities as Monitoring, Detection, Vulnerability Mng, Threath Intelligence; (2) Offensive Capabilities as Incident Response, Penetration Testing; (3) Threat Hunting Capabilities.

The CDO Product Team is a fast growing team, working in a complex and challenging business environment and has an ambitious strategy to implement in the next years. In this context, the Cyber Defense Centre is seeking to hire an experienced platform security engineer with passion for security architecture, to be part of the core CDO team.

Your responsibilities would include:

As part of the platform security engineering part role you are expected to;

• Security Information and Event Management (SIEM) Engineers fine-tune the SIEM tools needed to identify and repel threats. They work closely with other members of the team, especially if the system is under attack.
• Security engineers are responsible for maintaining tools, tools lifecycle, planning of rules and use case building, maintaining, retirement and improvements, maintaining software and infrastructure related to SIEM solutions, and updating systems.
• Security engineers are responsible for building the security architecture and systems, being part of the SIEM content development teams. They typically work with development operations teams to ensure that systems are up to date.
• Additionally, security engineers document requirements, procedures, and protocols to ensure that other users have the right resources.

Additionally, it is beneficial if the candidate has a passion for security architecture and in that aspect, you would be encouraged to;

• Help in creating roadmaps for used security products, in adaptation and planning of implementation of new product features and documenting the architectural landscape of Cyber Defense and Operations

You are a good Candidate if:

• You have 5+  years working experience as security platform engineer
• You have Bachelor degree or equivalent experience
• You understand the Agile mind set and have basic knowledge on working in a Scrum Team. You show end-to-end ownership on work that you do.
• You have excellent knowledge of English, written and verbal 
• You have experience with outsourced managed services, using ITIL processes

Content/Technical experience:

• Extensive knowledge of security engineering, Azure infrastructure,  Linux security, containerized environments security, and/or cloud security
• Experience in automation, coding and/or scripting using one or more of the following languages: Java, Perl, Python, Go, Ruby, Terraform and/or similar is a plus
• Operational experience with SIEM (Azure Sentinel)– Log Management, Vulnerability scanning and IPS/IDS technologies,
• Operational experience with the Microsoft security stack (Defender(s).
• Kusto query language knowledge (KQL)
• Knowledge of industry standard security frameworks for information systems (NIST, ISO 27001/2, CSA, COBIT)
• Basic familiarity with scripting programming e.g. Bash, PowerShell, Python
• The Cyber Kill Chain & MITRE ATT&CK framework
• Basic knowledge on security solutions (SSL, Remote Access, IPSEC, Reverse Proxy, IDS/IPS, Firewall, Multi Factor Authentication)
• Basic knowledge of :
  • Penetration testing, Malware engineering
  • Offensive security specialist (e.g pen tester, ethical hacker, etc.)
  • Sysdmin skills (Linux/MAC/Windows)
  • Network admin skills
  • Network security administrator
  • Enabling services (e.g NTP, SMTP, patching, Antivirus)
  • Server infrastructure (VMWare ESXi, storage, Azure, AWS)
  • basic cryptography knowledge (basic algorithm knowledge)
  • DB knowledge
  • authentication protocol knowledge

Soft Skills:

• Being able to translate technical language into a story that can be understood, and cohesively present it back to  different  stakeholders with a clear message

• Provide clear, concise and easily consumable communication with key technical and non-technical stakeholders
• People skills: you can work with people of many different cultures and backgrounds.
• Able to work in a complex and highly externalized environment
• Interested in continuous self-development through training and learning on the job. Being curious about new developments and technologies; educating yourself.
• Critical thinking and contextual analysis abilities;
• Investigative and analytical problem solving skills;
• Teamwork, can-do mentality;
• Strong time management skills and willing to go above and beyond where required
• Working in a highly dynamic environment, whit high pressure situations
• Ability to take decisive action based on available information in a timely manner;
• Ability to research and characterize security threats to include identification and classification of threat indicators;
• Strong time management skills and willing to go above and beyond where required
• Be passionate about mentoring and coaching junior resources, sharing knowledge
• Having continuous improvement mentality