Logo Pracuj.pl

Technology Specialist - CDO

HEINEKEN Global Shared Services

  • Kraków, Lesser Poland
  • offer expired 2 months ago
  • temporary staffing agreement
  • full-time
  • specialist (Mid / Regular)
  • hybrid work
  • remote recruitment
  • запрошуємо працівників з України
Запрошуємо працівників з України
Роботодавець відкритий для працевлаштування громадян України
  • Specializations:Agile, Product Management

HEINEKEN Global Shared Services

aleja Jana Pawła II 43a



Technologies we use


  • CEH

  • CIR

  • CISM

  • CISA


  • KQL

  • Bash

  • PowerShell

  • Python

  • Agile

  • VMWare ESXi

  • storage

  • Azure

  • DB

  • AWS

  • NTP

  • SMTP

  • patching

  • Antiviru

Operating system

Your responsibilities

  • upholding Vulnerability Management processes across the enterprise, and ensure stakeholders buy-in

  • acting as a subject matter expert with regards to Information Security vulnerabilities

  • defining and measure the necessary Vulnerability Management metrics

  • combining the various sources of vulnerabilities information - pentests, scans, bug bounties, external researchers etc. into one coherent picture

  • driving the Vulnerability Management activities as part of a specialized Real-time Threat Management team; this includes applying your analytical, reasoning & specialized technical security expertise to investigate, isolate and track network and security vulnerabilities, identify and classify weakness and potential issues, filter out false-positives, aggregate vulnerabilities across assets to assign the appropriate priority and risk level

  • supporting identification of vulnerabilities by enhancing vulnerability identification at process and technology level

  • owning, managing, and maturing infrastructure vulnerability scanning process and tools and align with vulnerability identification KPIs

  • supporting identification, triaging, assignment and remediation of vulnerabilities ensuring that vulnerability management lifecycle is followed

  • timely responding to security threats by collaboration with other security teams and provide effective remediation solution complemented by compensatory controls

  • providing data driven insights into improvement opportunities for infrastructure vulnerability management process

  • preparing reports for technical teams, compliance deliverables and executive management highlighting current status of infrastructure from vulnerability management perspective

  • working with engineering teams for effective patch management by providing reports and vulnerability metrics

  • providing support for infrastructure penetration testing

  • driving the remediation process to ensure vulnerable assets are patched or remediated within agreed SLAs

  • proactively researching new methods, tools, and strategies to effectively identify vulnerabilities

  • looking for structural solutions over one-time quick fixes.

Our requirements

  • 3+ years working experience in security operations and advanced level of understanding regarding systems security at both technical and procedural level

  • good level of understanding of infrastructure vulnerability scanning tools, EDR solutions

  • understanding (technical aspects of) penetration testing and results (including scoping and organizing of pentests, use of vulnerability scanners, vulnerability management tools) and basic knowledge of web application vulnerabilities and standards

  • good understanding of IT fundamentals across networking (such as DNS, SNMP, DHCP, IPSEC etc.), system, and application layers

  • Bachelor degree or equivalent experience

  • passion for security and enjoys solving problems

  • understanding the Agile mindset and have basic knowledge on working in a Scrum Team. You show end-to-end ownership on work that you do

  • excellent knowledge of English, written and verbal

  • experience with outsourced managed services, using ITIL processes

  • certifications such as CEH, CIR, CISM, CISA, CGEDIT, any of the OWASP or similar are a plus.

  • knowledge of industry standard security frameworks for information systems (CVSS, CIS Benchmarking, OWASP , NIST, ISO 27001/2, CSA, COBIT)

  • basic familiarity with scripting programming e.g. Bash, PowerShell, Python

  • relevant technical solutions such as vulnerability management tooling (Nessus, Qualys, Defender for Endpoints)

  • kusto query language knowledge (KQL) is a plus

  • vulnerability remediation tools & techniques

  • system security (operating systems, applications), networking, and web applications

  • basic knowledge on security solutions (SSL, Remote Access, IPSEC, Reverse Proxy, IDS/IPS, Firewall, Multi Factor Authentication) and practical knowledge on application security controls

  • threat Modelling experience.

  • basic knowledge on other infrastructure. Eg: Active Directory, DNS, IP Addressing, Azure AD

  • Penetration testing, Malware engineering

  • Offensive security specialist (e.g pen tester, ethical hacker, etc.)

  • Sysdmin skills (Linux/MAC/Windows)

  • Network admin skills

  • Network security administrator

  • Enabling services (e.g NTP, SMTP, patching, Antivirus)

  • Server infrastructure (VMWare ESXi, storage, Azure, AWS)

  • basic cryptography knowledge (basic algorithm knowledge)

  • DB knowledge

  • authentication protocol knowledge.

What we offer

  • Private Medical Healthcare

  • Performance bonus

  • Sodexo card

  • Life insurance

  • Referral program

  • Development opportunities

  • Local and global job opportunities within HEINEKEN

  • ACCA Approved Employer

  • Work from home flexibility (also after COVID)


  • sharing the costs of sports activities

  • private medical care

  • life insurance

  • remote work opportunities

  • integration events

  • corporate sports team

  • parking space for employees

  • extra social benefits

  • pre-paid cards

  • christmas gifts

  • employee referral program

  • charity initiatives

  • flexible work from home scheme after pandemic/lockdown

  • open bar on Fridays

HEINEKEN Global Shared Services

At HEINEKEN Kraków (HEINEKEN Global Shared Services) our success comes directly from our great people. We are a growing team of finance, accounting, data and technology professionals ready to „WOW” the world with our expertise, passion and pride to be GREEN. Our employees can develop in the following areas: Purchase to Pay, Order to Cash, Record to Report, Business Performance Management, Accounting, Reporting & Consolidation, Digital & Technology, Transformation Management, Global Audit, Global Process & Control Improvement, Global Process Expertise, and Support Functions like HR, Service Management, Global Master Data, Internal Finance, Change & Communications.

An integral part of HEINEKEN’s day-to-day operations, our Global Shared Services center has significantly contributed to leveraging the benefits of the company since 2012. With more than 1100 employees comprised of 27 nationalities, we collaborate with 26 Operating Companies in 25 languages. A truly global experience! We value enjoyment of life, respect for people and planet and passion for quality in all that we do.

HEINEKEN is a proud independent global brewer, committed to surprise and excite consumers with its brands and products everywhere. The brand that bears the founder's family name - Heineken® - is available in almost every country around the globe and is the world's most valuable international premium beer brand. Our company is present in over 70 countries, operates more than 160 breweries and markets more than 250 brands.

HEINEKEN Global Shared Services Center was awarded as the Business Services Firm of the Year 2021!

Scroll to the company’s profile