Chief Security Officer

Role Overview: As a Cyber Security Officer at HEINEKEN, you will be responsible for protecting the company's information assets by implementing global security strategies, ensuring compliance with standards and legislation, and driving security maturity across the organization. You will play a pivotal role in safeguarding digital assets and supporting HEINEKEN's growth journey. Key Responsibilities: - Implement global security strategies in APAC/Global Functions, adapting for local risks and regulations. - Ensure compliance with HEINEKEN Global Security Standards and local legislation. - Review and approve new global services (e.g., HeiNet) to safeguard systems. - Conduct risk reviews for new programs and veto non-compliant solutions. - Perform Information Security Maturity Assessments (ISMA) and maintain audit evidence. - Drive closure of audit findings and internal control issues. - Develop, manage, and report on action plans addressing identified risks. - Support penetration tests, ethical hacks, and technical audits for Global Functions. Incident & Risk Management: - Act as security incident lead during major IT security incidents. - Drive digital investigations for breaches of HEINEKEN's Code of Business Conduct. - Identify and resolve vulnerabilities; provide guidance on patching, antivirus, and vulnerability management. - Perform independent analysis of complex first-time security issues. Governance & Compliance: - Monitor and enforce compliance with NIST, ISO 27001, COBIT, and privacy laws. - Review derogation requests for exceptions to security policies and escalate appropriately. - Report KPIs, maturity progress, and security posture to Global Security leadership. Leadership & Collaboration: - Manage up to 6 direct reports within the Global D&T function. - Collaborate with global and regional teams, influencing decision-making across cultures and functions. - Act as trusted advisor to business stakeholders, explaining complex risks in simple terms. Qualifications: - Bachelors or Masters degree in Information Security, Computer Science, or related field. - Relevant certifications: CISSP, CCSP, CISM, CISA, CRISC. Experience & Skills: - 5+ years of professional experience in cyber security. - Proven record in security incident response, risk assessments, and compliance management. - Knowledge of global frameworks: NIST, ISO 27001, COBIT, GDPR, and privacy regulations. - Strong analytical ability and excellent communication skills. - Experience working in cross-functional, multi-cultural environments. Additional Details: At HEINEKEN, security is business critical. Join a diverse, global team and safeguard one of the world's most loved brands. Make an impact by tackling real-world cyber challenges and enabling HEINEKEN's growth journey.,