The Cyber Security Manager is responsible for the management and implementation of the global Cyber Security Strategy based on the NIST Cyber Security Framework, to reduce the risk of a Cybersecurity incident according to the risk appetite of HEINEKEN and the Local Operating Company (OpCo) , as well as to raise wider OpCo Cybersecurity awareness.
Trách nhiệm công việc
Security Management: Advise, communicate, and ensure implementation of the global security standards & procedures by the local OpCo business and GIS teams.
Security Practices: Implement security best practices for new technologies.
Security Policy Development: Manage /Develop /Improve and assist in the annual deployment of the Security Awareness Program within the OpCos.
Security Audits: Conduct regular security audits and assessments to ensure compliance with policies.
Security Reviews: Conduct security reviews of applications and systems during the development lifecycle.Responsible for identifying potential risks and recommendations on how to prevent and/or avoid that risk for inclusion in global operational security strategy.
Collaboration: Collaborate with the regional Information Security & Risk Management Manager to understand and develop further the controls and processes required to improve information security.
Network Security: Accelerates and Drives implementation of new Security strategies and standards from global GIS towards the HEINEKEN OpCos
Research and Development: Research / participate in peer security forums (3rd parties and peers Companies) to identify opportunities to benchmark and continuously improve local implementation of standards and best practices from across IT or from the marketplace
Process Improvement: Provide security expertise across multiple technical platforms to various OpCo stakeholders in all phases of solutions development (Ideation, Design, build, test and deploy) and Operations
Training and Mentoring: Building risk culture, provide knowledge transfer/sharing and coaching to junior members on security topics.
Kỹ năng & Chuyên môn
Portfolio: Bachelor or master’s degree in information technology, computer science, engineering, or a related discipline.
Industry Knowledge: Certification on different IT Security Topics such as CISA/CISM/CIISP/CEH/CSTA/CSTP/CFIS etc.
Languages: Good command in English, both written and spoken
Hands-On Experience: 5 years + of experience in consulting and supporting standard security compliance, and IT security related matter with internal and/or external customers, as well as in team leading.
Experience: Has worked with relevant market standards such as ISO 27001, COBIT and relevant laws and regulations such as privacy laws
Security: Strong Functional and technical knowledge in IT Security matters
Adaptability: Sense of Business Urgency and safe-cautious mind to close critical gaps and reduce any security breach.
Additional Skills: Flexibility to adjust to multiple demands, shifting priorities, ambiguity and rapid change.
Teamwork: Ability to work and team with a multitude of different people and different cultures (as appropriate).
Personal Attributes: Display professionalism, customer service attitude, attention to detail and quality.
Interpersonal Skills: Possess strong interpersonal skills, relationship management and negotiation skills, strong verbal and written communication skills.
Learning Orientation: Develop self and others through continuous learning, sharing best practices, knowledge, and expertise.
Negotiation Skills: Negotiation skills indispensable.
