Cyber Security Officer

About HEINEKEN

HEINEKEN is the world’s most international brewer, present in over 70 markets and driven by our purpose to brew the joy of true togetherness and inspire a better world. Our Global Digital & Technology (D&T) Function is at the heart of HEINEKEN’s transformation, enabling data-driven decision-making, resilient operations, and secure digital platforms that protect our people, brands, and customers.

At HEINEKEN, security is business critical. We ensure that our systems, information, and infrastructure remain resilient against evolving cyber threats. As a Cyber Security Officer, you will play a pivotal role in protecting our digital assets and supporting our growth journey.

Role Purpose

The Cyber Security Officer (CSO) is responsible for protecting HEINEKEN’s information assets by implementing global security strategies, adapting them to regional requirements, and ensuring compliance with both local legislation and HEINEKEN standards. This role partners with the Global Information Security team, Cyber Defence Operations (CDO), and senior stakeholders to drive security maturity across the organization.

Key Responsibilities

Security Operations

•Implement global security strategies in APAC/Global Functions, adapting for local risks and regulations.

•Ensure compliance with HEINEKEN Global Security Standards and local legislation.

•Review and approve new global services (e.g., HeiNet) to safeguard systems.

•Conduct risk reviews for new programs and veto non-compliant solutions.

•Perform Information Security Maturity Assessments (ISMA) and maintain audit evidence.

•Drive closure of audit findings and internal control issues.

•Develop, manage, and report on action plans addressing identified risks.

•Support penetration tests, ethical hacks, and technical audits for Global Functions.

Incident & Risk Management

•Act as security incident lead during major IT security incidents, in consultation with the Cyber Defense Operations Team and Global Function D&T Directors.

•Drive digital investigations for breaches of HEINEKEN’s Code of Business Conduct, working with HR/Legal.

•Identify and resolve vulnerabilities; provide guidance on patching, antivirus, and vulnerability management.

•Perform independent analysis of complex first-time security issues.

Governance & Compliance

•Monitor and enforce compliance with NIST, ISO 27001, COBIT, and privacy laws.

•Review derogation requests for exceptions to security policies (ISP/TSP) and escalate appropriately.

•Report KPIs, maturity progress, and security posture to Global Security leadership.

Leadership & Collaboration

•Manage up to 6 direct reports within the Global D&T function.

•Collaborate with global and regional teams, influencing decision-making across cultures and functions.

•Act as trusted advisor to business stakeholders, explaining complex risks in simple terms.

Qualifications

•Bachelor’s or Master’s degree in Information Security, Computer Science, or related field.

•Relevant certifications: CISSP, CCSP, CISM, CISA, CRISC.

Experience & Skills

•5+ years of professional experience in cyber security, preferably in large, global organizations.

•Proven record in security incident response, risk assessments, and compliance management.

•Knowledge of global frameworks: NIST, ISO 27001, COBIT, GDPR, and privacy regulations.

•Strong analytical ability to assess risks, threats, and actors.

•Excellent communication skills with ability to engage senior leaders and non-technical stakeholders.

•Experience working in cross-functional, multi-cultural environments (FMCG industry experience is a plus).

•Strong interpersonal, relationship management, and negotiation skills.

•Flexible, resilient, and proactive with a sense of urgency.

Language

•Fluent in English (additional languages are an asset).

Why Join HEINEKEN?

At HEINEKEN, you’re not just protecting IT systems you’re safeguarding one of the world’s most loved brands. You’ll work in a diverse, global team, tackling real-world cyber challenges while enabling HEINEKEN’s growth journey. Security is at the heart of how we brew a better world join us to make an impact.