Domain Lead, Technical Information Security Officer

Domain Lead, Technical Information Security Officer

Apply remote type Flex locations Amsterdam, Netherlands; Essen, Germany

Time type: Full time

Posted on: Posted 2 Days Ago

Job requisition id: JR100427

Your Role & Responsibilities

• Strategic Threat Prevention Development: Design and develop comprehensive threat prevention and management for hybrid cloud and on-premise environments, ensuring alignment with business objectives and risk management strategies.
• DEVSECOPS Integration: Spearhead the infosec requirements within the DEVSECOPS pipeline, promoting automated security testing and continuous delivery practices.
• ERP and Supply Chain Security: Enhance security for ERP systems and supply chain processes to protect against unauthorized access and potential breaches.
• Risk Assessment and Mitigation: Conduct thorough technical risk assessments and define actionable mitigation strategies to address identified security threats and vulnerabilities.
• Incident Response and Recovery: Lead the design and execution of incident response plans and recovery strategies, ensuring rapid response capabilities to minimize impact on operations. Lead Purple team exercises and manage offensive security suite of tools to identify and remediate attack paths to company systems.
• Stakeholder Collaboration: Collaborate with internal IT leaders and business stakeholders to prioritize security initiatives and investments based on risk and business impact.
• Leadership and Team Development: Mentor and lead a team of security architects and specialists, fostering a culture of continuous improvement and professional growth.
• Compliance and Best Practices: Ensure compliance with relevant laws, regulations, and standards such as GDPR, SOX, ISO standards, EU NIS2.0, China PIPL, NIST, etc. Stay abreast of industry trends, tools, and practices, incorporating them into the security strategy as applicable.
• InfoSec in Merger and Acquisition: Support in the due diligence of the merger and acquisition process, ensuring the cyber risk posture of the prospective acquisition is known before integration.

Your Profile

• Education: Bachelor’s or master’s degree in information security, Computer Science, or a related field.
• Experience: At least 10 years of experience in information security, with a hands-on mentality and a penetration testing background.
• Proven hands-on experience with offensive and defensive security tools.
• Proven hands-on experience in guiding a team to simulate and improve attack detection and response capabilities.
• Proven hands-on experience with reputable EDR solutions, handling and understanding the EDR alerts and ability to guide and coach other team members.
• Deep understanding of threat landscapes and system hardening techniques for Windows, Linux, and cloud-native environments.
• In-depth hands-on expertise on implementation of security controls across hybrid environments.
• Experience in applications and vendor technologies technical assessments.
• You have a comprehensive understanding of modern technology and have a solid understanding of how to practically apply security in an enterprise environment.
• You can translate specific security requirements and risks into a business context and act as a technical expert.
• Certifications: OSPC, GPEN, GCIH

Brenntag TA Team

Brenntag is the leading global distributor of chemicals and ingredients, committed to connecting customers and suppliers within networks. We add value for our customers and partners every step of the way: through our product knowledge, innovation, and sustainable solutions, combined with our passion for service excellence and commitment to safety.

Headquartered in Essen, Germany, and with more than 17,500 experts at about 600 locations in 72 countries, our two global divisions, Brenntag Essentials and Brenntag Specialties, offer a full range of industrial and specialty chemicals and ingredients. Therefore, our clients and partners can count on us for global reach combined with local agility and execution.

As an employer, we embrace diversity and foster a sense of community and collaboration in an environment where employees are encouraged to share ideas and work together. We engage our employees in the company’s mission for collective success, by building long-term stability and safety through trust and clarity across the organization. We believe in empowering our employees to reach their full potential and shape the future.