Skip to main content
Search Jobs

Sr Prof, IT Security Officer

Sofia, Bulgaria Information Technology 15/05/2023 85895

Are you looking for new challenges and personal growth within Coca-Cola Europacific Partners? Then we have a great opportunity for you.



Job purpose

Be part of the Information Security Risk and Compliance team, to manage Information and Cyber Security risks through: effective identification, assessment, decisioning, mitigation treatment via control implementation, and active monitoring through measurement, reporting and assurance activities.  

This position works with stakeholders across all of CCEP, in all business units, countries, departments, BPT and the wider Information Security teams to ensure compliance to risk and controls design, defined by: regulation, local law, CCEP and the Coca-Cola Company. Working with stakeholders and control owners on driving performance, continuous improvement and maturity. Also owning some key security controls too; Security policy governance and lifecycle, executing an effective Security awareness and training programme to all CCEP employees, facilitating externally driven cyber self-assessment/attestation, and managing InfoSec internal and external audits from evidence submission through to finding remediation.

Main responsibilities:

  • Subject Matter Expert for InfoSec Risk and Compliance related topics

  • Delivery of the security training and awareness programme, including the execution of an all employee training curriculum, bespoke training creation, regular phishing tests, performance measurement and continuous improvement

  • Provide consultancy and technical expertise on risk mitigation and control maturity activities

  • Produce Management reporting on Information Security Risk and Control Performance Indicators

  • Facilitate the Information Security Policy and Standards annual review cycles and policy exceptions and exemptions management

  • Deliver Information Security risk assessments at the corporate and local levels. Including: assessment facilitation, report creation of risk decisioning, mitigation planning and action tracking, maintain all evidences and progress updates on the InfoSec risk register

  • Perform periodic self-assessment of risk and controls, health checks, scoring, mitigation, and continuous improvement

  • Work collaboratively with the independent assurance functions – Internal and External Auditors:

    • Support and facilitate audit evidence collection and secure storage

    • Provide tracking and management reporting of all Audit findings

  • Manage InfoSec control compliance attestation, working with the control owners providing 2nd Line of Defence oversight

  • Build a strong network with key stakeholders such as: Enterprise Risk Management, Business Continuity & Resilience Team, Corporate Security, Finance Internal Controls Team, Internal Audit


  • Bachelor’s degree in Computer Science, Management of Information Systems, Business, or related field

  • 5+ years of IT experience with 2+ years of Information Security experience or similar

  • English: proficiency (must)

  • Qualification in Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC) or similar (desirable)

  • Strong communication skills both verbal and written with demonstrated effective team working in a multi-cultural international environment

  • Working collaboratively with Internal and External auditors

  • Information Risk Management methodology and tools

  • Implementing a Security control frameworks such as ISO 27001/2/5, NIST or similar

  • Demonstrated track record of success in delivering projects/audits with budgetary constraints

  • Process design and implementation skills, and mindset of continuous improvement to support the achievement of organisational goals and strategies

  • Good analytical and planning skills combined with independent, goal- and process-oriented way of working

  • Proven experience in navigating complex organizations with creative problem solving

  • Experience in the consumer product market, beverage industry or logistics

  • Knowledge of regulatory environments applicable to US publicly traded companies (SOX), Information Security and data privacy regulations and Credit Card Standards (PCI:DSS)

  • Knowledge of Information Security Management Systems and Security Control Frameworks

Our employee value proposition:

  • Competitive Rewards & Compensation plan

  • Social Benefits & Corporate discounts

  • Recognition programs

  • Career & Talent progression growth opportunities

  • Excellent Health & Wellbeing conditions

  • Modern and comfortable working environment & tools

  • Hybrid & Flexible working

  • Social activities and events


Coca-Cola Europacific Partners (CCEP) is a major fast-moving consumer goods business and the world’s largest independent Coca-Cola bottler. With a dedicated team of 33,200 people, serving customers in 29 countries, we make, sell and distribute the world’s most loved drinks brands to more than 600 million people, including Coca-Cola®, Fanta®, Powerade®, Glaceau Vitaminwater®, Monster® and Capri-Sun®. And we want a workforce as diverse as our products – with a culture that fosters belonging and inclusivity. One that enables everyone to be themselves, whatever their background or experience. From gender, age and ethnicity to sexual orientation and different abilities, we welcome people from all walks of life and empower unique perspectives. We recognize we’ve got some way to go, but we’ll get there with the support of our people. It’s them who drive our future growth.

Job Information:
Location: XXXXX