Head of Threat Engineering & Application Security

Job Description

Head of Threat Engineering & Application Security What you become a part of

Join Coca‑Cola Europacific Partners (CCEP) as a key leader within our BPT Service Delivery & Security organisation. You will be part of the CISO Leadership Team, shaping and driving our cybersecurity strategy across Europe.

In this role, you will lead the Threat Engineering & Application Security function, ensuring our platforms, applications and tooling remain resilient, modern and aligned to an evolving threat landscape. You will collaborate with talented engineering, architecture, operations and project teams to help safeguard CCEP’s information, strengthen detection and prevention capabilities, and advance our approach to application security across IT and OT environments.

You’ll also play an important role in developing our people, building engineering excellence and fostering a culture of continuous improvement, innovation and technical mastery.

As the Threat Engineering & Application Security Lead, you will:

• Define and deliver the Threat Engineering & Application Security strategy in alignment with the CCEP BPT strategy and security policies.
• Provide subject‑matter input to the CISO Leadership Team on cybersecurity priorities, tooling strategy and emerging risks.
• Lead, coach and develop a high‑performing team, ensuring strong technical capability, clarity of direction and high engagement.
• Act as secondary leader for SOC operations, supporting the SOC Lead when required.

• Own the end‑to‑end Application Security programme, including penetration testing, API security, secure development practices and vulnerability identification.
• Govern and oversee application security testing across all critical platforms and services.
• Review and approve solution designs to ensure alignment with security architecture, secure coding standards and regulatory requirements.

• Manage the lifecycle, optimisation and value realisation of all security tooling, ensuring solutions remain effective, tuned and integrated.
• Lead threat‑driven enhancements to detection, visibility and resilience across IT and OT landscapes.
• Define AI‑security technical controls for application features and integrations.
• Develop and enhance automation for threat engineering, security tooling and application security workflows.

• Own relevant security policies, standards and procedures related to security tooling and application security.
• Monitor compliance with internal security policies, external regulations and audit requirements, and lead remediation efforts.
• Oversee third‑party security assessments, ensuring supplier compliance and risk mitigation.
• Conduct technology and vendor evaluations to support continuous improvement.

• Manage budget planning and reporting for the unit, ensuring optimised investment in security solutions.
• Collaborate with BPT teams to enable secure project delivery, technical integration and operational excellence.

• Extensive experience (10+ years) in IT Security with progressive responsibility.
• At least 5 years of hands‑on experience with security tooling, architecture and project delivery.
• Degree in Business Administration, Information Management or comparable discipline; a Master’s degree in IT is an advantage.
• Relevant cyber security, cloud, or vendor-specific certifications are beneficial
• Experience leading and developing teams, ideally in international or matrix environments.
• Strong experience in IT service operations and security processes.
• Background in supplier management, sourcing strategies and budget planning.

• Solid understanding of network protocols, cloud architectures, firewalls, IDS/IPS, encryption and related technologies.
• Experience with security tooling such as EDR, SIEM, email security, automation platforms and attack surface management.
• Strong knowledge of logging, monitoring, incident detection and incident handling.
• Solid understanding of Application Security tools and processes
• Deep understanding of security architectures, threat detection and prevention, SOC operations and OT security tooling.

• Ability to shape strategy, lead change and translate vision into action.
• Strong communication and presentation capabilities, engaging stakeholders across all levels.
• Creative and solution‑focused mindset with a commitment to continuous improvement.
• Fluent in English; additional European languages (German, Spanish, French) are an advantage.

We recognise that no candidate will meet every requirement, so if your experience aligns with some but not all of the criteria, we would still encourage you to apply. Our team is here to support your ongoing development.

We are Coca-Cola Europacific Partners (CCEP) – a dedicated team of 42,000 people, serving customers in 31 countries, who work together to make, move and sell some of the world’s most loved drinks.
We are a global business and one of the leading consumer goods companies in the world. We help our 2.1 million customers grow, and we are constantly investing in exciting new products, innovative technologies and fresh ideas. This helps us to delight the 600 million people who enjoy our drinks every day.

From gender, age and ethnicity to sexual orientation and different abilities, we welcome people from all walks of life and empower unique perspectives. We recognise we’ve got some way to go, but we’ll get there with the support of our people. It’s them who drive our future growth. To find out more about what it’s like to work at and our culture we would welcome you to speak to one of our employees on our live chat platform, just click here to speak to an insider

We recognise some people prefer not to participate in alcohol related sales, interactions, or promotions. If that’s true for you – please raise this with your talent acquisition contact who will advise you on whether this role includes activities related to our alcohol portfolio.