Description
Join our Mission to Lead the Future of Snacking. Make It Uniquely Yours.
You will work in the Cybersecurity Incident Response Center at MDLZ as a Senior Information Security Analyst.
How you will contribute :
As a Senior Incident Response Analyst you will play a vital role in strengthening MDLZ security measures. You will investigate and respond to security incidents, collaborate with cross-functional teams, and drive resolution to complex cybersecurity issues within our environment. Your expertise will contribute strong and well-designed Incident Response techniques and processes, and you will be asked to partner on improvements both within and outside of the security domain to drive increases in team, department, and organizational maturity.
What you will bring :
Take ownership of enhancing our security posture and protecting MDLZ infrastructure
Be adept at technical writing.
Capable of communicating with both technical and nontechnical stakeholders across all levels including C-suite with ability to scope, tailor, and triage information shared to the roles and business priorities of audiences
Develop and execute comprehensive containment, eradication, and recovery strategies, prioritizing business continuity and minimizing disruption to business processes. Coordinate response activities with incident response teams, internal stakeholders, and external established and best-practice incident response procedures while iterating as necessary for novel events.
Collaborate closely with a wide range of technical and non-technical teams across business functions and geographies. Effectively scope, tailor, and triage incident information for diverse audiences, including C-suite executives, providing clear, concise, and timely updates.
Perform in-depth malware analysis, network forensics, log analysis, and reverse engineering to identify root causes, establish timelines, and uncover Indicators of Compromise (IOCs) and Tactics, Techniques, and Procedures (TTPs) both independently and in partnership with security, technology, and business roles.
Contribute significantly to the continuous review, refinement, and expansion of incident response playbooks, runbooks, and Standard Operating Procedures (SOPs), aligning them with industry best practices (, NIST, MITRE) and our unique global context.
Embody a passion for growth and drive for continuous learning
Act as a coach and mentor to other analysts, elevating skills and contributing to overall uplift of our global cybersecurity capabilities. Provide technical training sessions to various MDLZ global teams.
Perform "lessons learned" reviews for significant incidents, identifying systemic weaknesses and driving recommendations for security control improvements, architectural enhancements, and organizational changes to prevent recurrence.
Contribute to team’s expansive skillset across topics like reverse-engineering, cloud security, process development, scripting in Python, PowerShell, Bash, C / C++, ICS protocols, AI-based automation, and more.
More about this role
Global Cybersecurity Incident Response Team with a rotational on-call schedule
Monitor computer environments for security issues
Perform Threat Analysis on events reported by security tools, external parties, and internal SMEs
Investigate security breaches and other cybersecurity events / incidents
Contribute to Root Cause Analysis, Lessons Learned, and Corrective Action Reporting
Create executive summaries, status reports and supply metrics to relevant stakeholders independently
Participate in special projects as needed
What extra ingredients you will bring :
Education / Certifications :
Bachelor’s Degree in Information Technology, Cybersecurity, Computer Science or similar.
Hold professional certifications through certifying bodies like :
CompTIA : Security+, CySA+
SANS-GIAC : GCIH, GDAT, GPEN, GCFE, GRID
ISC2 : CISSP
OffSec : OSCP, OSIR
Job specific requirements :
3-6+ years experience in Incident Response, Information Security, SOC, Forensics, Purple-teaming, or related field
Knowledge / Experience in :
SIEM (ie. Splunk, Humio), SOAR (ie. Cyware, Splunk, XSOAR), Endpoint Security (EDR) (ie. Carbon Black, CrowdStrike, Defender), Email Security (ie. Proofpoint, O365 ATP), Firewalls, WAF, IDS / IPS, Web Content Filtering, Proxies, Database, Data Loss Prevention (DLP), Identity and Access Management (IAM), Cloud Computing Services, Scripting, MITRE ATT&CK Framework and Incident Response, NIST, Cloud Compute (ie. AWS, GCP, Azure), Cloud Native Application Protection (ie. Forcepoint ONE, Wiz, Orca)
Travel requirements :
Occasional
Work schedule : Remote
On-call
No Relocation support available
Business Unit Summary
Headquartered in Singapore, Mondelēz International’s Asia, Middle East and Africa (AMEA) region is comprised of six business units, has more than 21,000 employees and operates in more than 27 countries including Australia, China, Indonesia, Ghana, India, Japan, Malaysia, New Zealand, Nigeria, Philippines, Saudi Arabia, South Africa, Thailand, United Arab Emirates and Vietnam. Seventy-six nationalities work across a network of more than 35 manufacturing plants, three global research and development technical centers and in offices stretching from Auckland, New Zealand to Casablanca, Morocco. Mondelēz International in the AMEA region is the proud maker of global and local iconic brands such as and biscuits, mooncakes, and chocolate, candy, gum, powdered beverage and cheese. We are also proud to be named a Top Employer in many of our markets.
Mondelēz International is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender, sexual orientation or preference, gender identity, national origin, disability status, protected veteran status, or any other characteristic protected by law.
Job Type
Regular
Information Security
Technology & Digital
Senior Information Security Analyst • Remote Worker, Philippines