Senior Professional, IT Security Risk and Compliance - Anderlecht, Belgium - Coca-Cola Europacific Partners

    Full-time
    Description

    Are you looking for new challenges and personal growth within Coca-Cola Europacific Partners? Then we have a great opportunity for you.

    Senior Prof, IT Security Risk and Compliance, All CCEP Locations

    Job purpose

    Be part of the Information Security Risk and Compliance team, to manage Information and Cyber Security risks through effective identification, assessment, decisioning, mitigation treatment via control implementation, and active monitoring through measurement, reporting and assurance activities.

    This position works with stakeholders across all of CCEP, in all business units, countries, departments, BPT and the wider Information Security teams to ensure compliance with the risk and controls design defined by regulation, local law and CCEP:

    • Working with stakeholders and control owners on driving performance, continuous improvement and maturity.
    • Driving process and governance improvements within and outside the team that will help strengthen our ISRC landscape.
    • Maintaining security policy governance and lifecycle, executing an effective end to end Information Security program while supporting internal and external audits from evidence submission through to finding remediation.

    What will be expected of you

    • (Aspiring) Subject Matter Expert for InfoSec Risk and Compliance related topics (e.g. NIST, NIS2);
    • Maintain ISRC framework and compliance performance through GRC dashboarding;
    • Provide consultancy and technical expertise on risk mitigation and control maturity activities;
    • Produce Management reporting on Information Security Risk and Control Performance Indicators;
    • Facilitate the Information Security Policy and Standards annual review cycles and policy exceptions and exemptions management;
    • Deliver Information Security risk assessments at the corporate and local levels, including assessment facilitation, creation of risk decisioning reports, mitigation planning and action tracking, and maintaining all evidence and progress updates on the InfoSec risk register;
    • Perform periodic self-assessment of risk and controls, health checks, scoring, mitigation, and continuous improvement;
    • Work collaboratively with the independent assurance functions – Internal and External Auditors:
      • Support and facilitate audit evidence collection and secure storage
      • Provide tracking and management reporting of all Audit findings
    • Manage InfoSec control compliance attestation, working with the control owners providing 2nd Line of Defence oversight;
    • Build a strong network with key stakeholders such as: Enterprise Risk Management, Business Continuity & Resilience Team, Corporate Security, Finance Internal Controls Team, Internal Audit;

    Qualifications required

    • Bachelor's degree in Computer Science, Management of Information Systems, Business, or related field
    • 2+ years of IT experience with 2+ years of Information Security experience or similar
    • English: proficiency (must)

    Desirable:

    • Qualification in Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC) or similar;

    Experience required

    • Strong communication skills both verbal and written with demonstrated effective team working in a multi-cultural international environment
    • Working collaboratively with internal and external auditors
    • Information Risk Management methodology and tools
    • Implementing security control frameworks such as ISO 27001/2/5, NIST or similar
    • Demonstrated track record of success in delivering projects/audits with budgetary constraints
    • Process design and implementation skills, and mindset of continuous improvement to support the achievement of organisational goals and strategies
    • Good analytical and planning skills combined with independent, goal- and process-oriented way of working
    • Managing and maintaining Information Security and Risk & Compliance governance structure;
    • Proven experience in navigating complex organizations with creative problem solving
    • Experience in the consumer product market, beverage industry or logistics

    Technical skills required

    • Knowledge of regulatory environments applicable to US publicly traded companies (SOX), Information Security, data privacy regulations and NIS2;
    • Knowledge of Salesforce platform and specific Salesforce auditing standards, requirements or characteristics;
    • Knowledge of Information Security Management Systems and Security Control Frameworks;
    • Ability to implement ServiceNow GRC workflows across the organization;

    Behavioural competencies

    • High communication skills using assertiveness and negotiation skills within a multi-cultural international organisation;
    • Ability to work independently within a remote team;
    • Conscientiousness, analytical and creative in thought and action;
    • Ability to quickly adapt to situations and learn new competencies;
    • Passion for collaborating with customers, partners, and co-workers to achieve successful outcomes;
    • Advocate for change – challenge the status quo with proposed and improved solutions;

    Our employee value proposition:

    Being Rewarded

    • Market Competitive Salary
    • Annual Compensation & Bonus Cycle
    • CCEP Shares Purchase plan & Matching Share
    • Food Vouchers
    • Flexible Working Allowance

    Being Connected

    • Everyone's Welcome – Inclusion, Diversity & Equity Culture
    • Keep In Touch program – in support of parental care
    • Inspiring Office layout with Great beverages and Sofia subsidized canteen
    • Referral Program

    Being Developed & Valued

    • Professional Qualifications Support & Sponsorship
    • Ninja Community and Lean Six Sigma Certification
    • CCEP learning platforms & Leadership training curricula
    • Career Growth and Talent Progression
    • Recognition program

    Being Well

    • Flexible & Hybrid Ways of Working
    • Additional days paid leave at start and on top – Birthday, Qualification & Volunteering;
    • Wellbeing & Sports program, including corporate discounts & subscription fees
    • Wellbeing Community & Initiatives
    • Employee Assistance Program
    • Additional Health Plan & Dental Insurance

    Being Inspired

    • Social Projects & Community Charity programs
    • Participation in Corporate Challenges - marathon, sports, fun
    • External life coach speakers and Work-Life balance lectures
    • Team Building & Fun Events

    We are Coca-Cola Europacific Partners (CCEP) – a dedicated team of 42,000 people, serving customers in 31 countries, who work together to make, move and sell some of the world's most loved drinks.

    We are a global business and one of the leading consumer goods companies in the world. We help our 2.1 million customers grow, and we are constantly investing in exciting new products, innovative technologies and fresh ideas. This helps us to delight the 600 million people who enjoy our drinks every day.