sharing the costs of sports activities
Pracodawca zakończył zbieranie zgłoszeń na tę ofertę
Aktualne oferty pracodawcyTechnology Specialist - CDO
HEINEKEN Global Shared Services
- Kraków, Lesser Poland
- offer expired 2 months ago
- temporary staffing agreement
- full-time
- specialist (Mid / Regular)
- hybrid work
- remote recruitment
- запрошуємо працівників з України
Запрошуємо працівників з України
Роботодавець відкритий для працевлаштування громадян України
- Specializations:Agile, Product Management
HEINEKEN Global Shared Services
aleja Jana Pawła II 43a
Czyżyny
Kraków
Technologies we use
Expected
CEH
CIR
CISM
CISA
CGEDIT
KQL
Bash
PowerShell
Python
Agile
VMWare ESXi
storage
Azure
DB
AWS
NTP
SMTP
patching
Antiviru
Operating system
Your responsibilities
upholding Vulnerability Management processes across the enterprise, and ensure stakeholders buy-in
acting as a subject matter expert with regards to Information Security vulnerabilities
defining and measure the necessary Vulnerability Management metrics
combining the various sources of vulnerabilities information - pentests, scans, bug bounties, external researchers etc. into one coherent picture
driving the Vulnerability Management activities as part of a specialized Real-time Threat Management team; this includes applying your analytical, reasoning & specialized technical security expertise to investigate, isolate and track network and security vulnerabilities, identify and classify weakness and potential issues, filter out false-positives, aggregate vulnerabilities across assets to assign the appropriate priority and risk level
supporting identification of vulnerabilities by enhancing vulnerability identification at process and technology level
owning, managing, and maturing infrastructure vulnerability scanning process and tools and align with vulnerability identification KPIs
supporting identification, triaging, assignment and remediation of vulnerabilities ensuring that vulnerability management lifecycle is followed
timely responding to security threats by collaboration with other security teams and provide effective remediation solution complemented by compensatory controls
providing data driven insights into improvement opportunities for infrastructure vulnerability management process
preparing reports for technical teams, compliance deliverables and executive management highlighting current status of infrastructure from vulnerability management perspective
working with engineering teams for effective patch management by providing reports and vulnerability metrics
providing support for infrastructure penetration testing
driving the remediation process to ensure vulnerable assets are patched or remediated within agreed SLAs
proactively researching new methods, tools, and strategies to effectively identify vulnerabilities
looking for structural solutions over one-time quick fixes.
Our requirements
3+ years working experience in security operations and advanced level of understanding regarding systems security at both technical and procedural level
good level of understanding of infrastructure vulnerability scanning tools, EDR solutions
understanding (technical aspects of) penetration testing and results (including scoping and organizing of pentests, use of vulnerability scanners, vulnerability management tools) and basic knowledge of web application vulnerabilities and standards
good understanding of IT fundamentals across networking (such as DNS, SNMP, DHCP, IPSEC etc.), system, and application layers
Bachelor degree or equivalent experience
passion for security and enjoys solving problems
understanding the Agile mindset and have basic knowledge on working in a Scrum Team. You show end-to-end ownership on work that you do
excellent knowledge of English, written and verbal
experience with outsourced managed services, using ITIL processes
certifications such as CEH, CIR, CISM, CISA, CGEDIT, any of the OWASP or similar are a plus.
knowledge of industry standard security frameworks for information systems (CVSS, CIS Benchmarking, OWASP , NIST, ISO 27001/2, CSA, COBIT)
basic familiarity with scripting programming e.g. Bash, PowerShell, Python
relevant technical solutions such as vulnerability management tooling (Nessus, Qualys, Defender for Endpoints)
kusto query language knowledge (KQL) is a plus
vulnerability remediation tools & techniques
system security (operating systems, applications), networking, and web applications
basic knowledge on security solutions (SSL, Remote Access, IPSEC, Reverse Proxy, IDS/IPS, Firewall, Multi Factor Authentication) and practical knowledge on application security controls
threat Modelling experience.
basic knowledge on other infrastructure. Eg: Active Directory, DNS, IP Addressing, Azure AD
Penetration testing, Malware engineering
Offensive security specialist (e.g pen tester, ethical hacker, etc.)
Sysdmin skills (Linux/MAC/Windows)
Network admin skills
Network security administrator
Enabling services (e.g NTP, SMTP, patching, Antivirus)
Server infrastructure (VMWare ESXi, storage, Azure, AWS)
basic cryptography knowledge (basic algorithm knowledge)
DB knowledge
authentication protocol knowledge.
What we offer
Private Medical Healthcare
Performance bonus
Sodexo card
Life insurance
Referral program
Development opportunities
Local and global job opportunities within HEINEKEN
ACCA Approved Employer
Work from home flexibility (also after COVID)
Benefits
private medical care
life insurance
remote work opportunities
integration events
corporate sports team
parking space for employees
extra social benefits
pre-paid cards
christmas gifts
employee referral program
charity initiatives
flexible work from home scheme after pandemic/lockdown
open bar on Fridays
HEINEKEN Global Shared Services
At HEINEKEN Kraków (HEINEKEN Global Shared Services) our success comes directly from our great people. We are a growing team of finance, accounting, data and technology professionals ready to „WOW” the world with our expertise, passion and pride to be GREEN. Our employees can develop in the following areas: Purchase to Pay, Order to Cash, Record to Report, Business Performance Management, Accounting, Reporting & Consolidation, Digital & Technology, Transformation Management, Global Audit, Global Process & Control Improvement, Global Process Expertise, and Support Functions like HR, Service Management, Global Master Data, Internal Finance, Change & Communications.
An integral part of HEINEKEN’s day-to-day operations, our Global Shared Services center has significantly contributed to leveraging the benefits of the company since 2012. With more than 1100 employees comprised of 27 nationalities, we collaborate with 26 Operating Companies in 25 languages. A truly global experience! We value enjoyment of life, respect for people and planet and passion for quality in all that we do.
HEINEKEN is a proud independent global brewer, committed to surprise and excite consumers with its brands and products everywhere. The brand that bears the founder's family name - Heineken® - is available in almost every country around the globe and is the world's most valuable international premium beer brand. Our company is present in over 70 countries, operates more than 160 breweries and markets more than 250 brands.
HEINEKEN Global Shared Services Center was awarded as the Business Services Firm of the Year 2021!