Mega Image – Ahold Delhaize Group is looking for an experienced Business Security Advisor Manager to join our Security Center of Excellence and drive end-to-end business-centric security advisory for high-impact initiatives across the organization.

About the Role

As a Business Security Advisor Manager, you will evaluate information security risks across business projects, ensure alignment with company policies and legal frameworks, and act as a key strategic partner for our internal stakeholders. You will manage the Business Security Advisory Center of Excellence, provide SME and Quality Assurance expertise, and support strategic decision-making to ensure our solutions remain secure, compliant and business-aligned.

Key Responsibilities

Risk Assessment & Security Advisory

• Evaluate information security risks related to business projects and determine their potential impact.
• Provide continuous support throughout the project lifecycle to reduce risks and ensure business objectives are met.
• Ensure that IT solutions and business processes comply with company policies, security standards and legal frameworks.
• Develop, maintain and augment risk and assurance evaluation work programs and protocols to be used across the organization.
• Evaluate business projects and changes to ensure compliance with corporate security policies, balancing security needs, risk, and business objectives.
• Advise business and technical teams on implementing compliant security solutions.
• Facilitate security risk assessments for new applications, new vendors, and major system changes.
• Determine which security enablers are required for each demand (foundational and specific).
• Ensure that during service composition, prototyping, testing and production handover, all security requirements are considered and appropriately applied.

Vendor Risk Management

• Perform quick scans and deep-dive vendor risk assessments using standardized or tailored methodologies when needed.
• Create customized vendor assessment processes in cases of complexity or special requirements.
• Combine technical and non-technical expertise to execute the vendor risk assessment process effectively.
• Assess information security risks associated with new vendors and their potential impact.
• Continuously improve the vendor risk assessment processes.

Issue Monitoring, Compliance & External Reporting

• Assess all information security risks and ensure that risk treatment plans are prioritized and aligned with enterprise risks and compliance mandates.
• Provide expertise in situations where external stakeholders (auditors, regulators, partners) request information about security.
• Ensure external connections are implemented and operated in accordance with the IS Control Framework.

Security Center of Excellence (CoE)

• Create, manage and evolve the Business Security Advisory Center of Excellence.
• Consolidate expertise in business consultancy, process engineering, security architecture, technical and non-technical security.
• Serve as a focal point for security consulting, best practices and knowledge sharing across the company.
• Provide SME and QA support to business units across the organization.

Data Governance & Information Protection

• Develop strategies for data ownership, storage governance and lifecycle management.
• Provide and implement tools for identifying, storing and securing data archives, training materials and professional documentation.

Specialized Security Expertise

Provide deep knowledge in key security domains:

• Technical and non-technical security
• Security architecture
• Governance, Risk and Compliance (GRC)
• Cyber Defense Program
• Plus expertise in one or more technical domains:
• AIX & Linux
• Windows OS & Active Directory
• Networking technologies
• Mobile technologies
• Cloud technologies

Collaboration & Knowledge Sharing

• Collaborate cross-functionally to identify opportunities for common security solutions or process optimization.
• Share expertise proactively through trainings, mentoring and stakeholder interactions.
• Promote a cooperative, professional and respectful environment.

Skills & Competencies

Soft Skills

• Strategic vision and forward-thinking mindset
• Risk anticipation and decision-making based on data and financial insights
• Excellent communication and stakeholder management skills
• Negotiation, persuasion, mediation and conflict resolution abilities
• Strong presentation and public speaking skills
• Leadership and team coordination
• Ability to explain complex concepts clearly and simply
• Change management capability
• Analytical and problem-solving skills
• Creativity and logical reasoning
• Client-oriented and results-driven mindset
• Ability to perform under pressure

Technical Competencies

• Project management knowledge
• Strong PC skills: Outlook, Excel, Word, PowerPoint, SAP
• Strong command of Romanian and English

Requirements

• Bachelor's or Master’s degree in an field
• Information Security certifications (nice to have)
• 13+ years of IT experience in related fields
• Extensive managerial experience
• Fluent in English

Show more
Show less