Senior Analyst, CSIRT

Mondelēz International
8d | $122,000 - $167,750 | Remote

About The Position

You work with the information security team as a competent and experienced information security and compliance leader.

How you will contribute

You will assess information security risks in line with internal policies and external best practices and determine the requirements for securing Mondelēz International information and IT assets. In addition, you will develop security standards and policies; advise technical teams when they develop relevant procedures or have operational security questions; and review and consult with them on the compliant and effective use of common tools. You will also keep business stakeholders apprised of the overall security and compliance roadmap, provide training on information security to appropriate teams, and develop security strategies, architectures and roadmaps across process and technologies.

What you will bring

  • Take ownership of enhancing our security posture and protecting MDLZ infrastructure
  • Be adept at technical writing. Capable of communicating with both technical and nontechnical stakeholders across all levels including C-suite with ability to scope, tailor, and triage information shared to the roles and business priorities of audiences
  • Develop and execute comprehensive containment, eradication, and recovery strategies, prioritizing business continuity and minimizing disruption to business processes.
  • Coordinate response activities with incident response teams, internal stakeholders, and external partners.
  • Follow established and best-practice incident response procedures while iterating as necessary for novel events.
  • Collaborate closely with a wide range of technical and non-technical teams across business functions and geographies.
  • Effectively scope, tailor, and triage incident information for diverse audiences, including C-suite executives, providing clear, concise, and timely updates.
  • Perform in-depth malware analysis, network forensics, log analysis, and reverse engineering to identify root causes, establish timelines, and uncover Indicators of Compromise (IOCs) and Tactics, Techniques, and Procedures (TTPs) both independently and in partnership with security, technology, and business roles.
  • Contribute significantly to the continuous review, refinement, and expansion of incident response playbooks, runbooks, and Standard Operating Procedures (SOPs), aligning them with industry best practices (e.g., NIST, MITRE) and our unique global context.
  • Embody a passion for growth and drive for continuous learning
  • Act as a coach and mentor to other analysts, elevating skills and contributing to overall uplift of our global cybersecurity capabilities.
  • Provide technical training sessions to various MDLZ global teams.
  • Perform "lessons learned" reviews for significant incidents, identifying systemic weaknesses and driving recommendations for security control improvements, architectural enhancements, and organizational changes to prevent recurrence.
  • Contribute to the team's expansive skill set across topics like reverse engineering, cloud security, process development, scripting in Python, PowerShell, Bash, C/C++, ICS protocols, AI-based automation, and more.

More about this role

What you need to know about this position:

  • Global Cybersecurity Incident Response Team with a rotational on-call schedule
  • Monitor computer environments for security issues
  • Perform Threat Analysis on events reported by security tools, external parties, and internal SMEs
  • Investigate security breaches and other cybersecurity events / incidents
  • Contribute to Root Cause Analysis, Lessons Learned, and Corrective Action Reporting
  • Create executive summaries, status reports and supply metrics to relevant stakeholders independently
  • Participate in special projects as needed

Requirements

  • High school diploma, GED, or equivalent certification
  • 3-6+ years' experience in Incident Response, Information Security, SOC, Forensics, Purple-teaming, or related field
  • Knowledge/Experience in: SIEM (e.g., Splunk, Humio), SOAR (e.g., Cyware, Splunk, XSOAR), Endpoint Security (EDR) (e.g., CarbonBlack, Crowdstrike, Defender), Email Security (e.g., Proofpoint, O365 ATP), Firewalls, WAF, IDS/IPS, Web Content Filtering, Proxies, Database, Data Loss Prevention (DLP), Identity and Access Management (IAM), Cloud Computing Services, Scripting, MITRE ATT&CK Framework and Incident Response, NIST, Cloud Compute (e.g., AWS, GCP, Azure), Cloud Native Application Protection (e.g., Forcepoint ONE, Wiz, Orca)

Nice To Haves

  • Bachelor's degree preferred, in Information Technology, Cybersecurity, Computer Science or a related field.
  • Hold professional certifications through certifying bodies like: CompTIA (Security+, CySA+); SANS-GIAC (GCIH, GDAT, GPEN, GCFE, GRID); ISC2 (CISSP); OffSec (OSCP, OSIR)

Responsibilities

  • Assess information security risks in line with internal policies and external best practices and determine the requirements for securing Mondelēz International information and IT assets.
  • Develop security standards and policies
  • Advise technical teams when they develop relevant procedures or have operational security questions
  • Review and consult with them on the compliant and effective use of common tools
  • Keep business stakeholders apprised of the overall security and compliance roadmap
  • Provide training on information security to appropriate teams
  • Develop security strategies, architectures and roadmaps across process and technologies
  • Take ownership of enhancing our security posture and protecting MDLZ infrastructure
  • Be adept at technical writing.
  • Capable of communicating with both technical and nontechnical stakeholders across all levels including C-suite with ability to scope, tailor, and triage information shared to the roles and business priorities of audiences
  • Develop and execute comprehensive containment, eradication, and recovery strategies, prioritizing business continuity and minimizing disruption to business processes.
  • Coordinate response activities with incident response teams, internal stakeholders, and external partners.
  • Follow established and best-practice incident response procedures while iterating as necessary for novel events.
  • Collaborate closely with a wide range of technical and non-technical teams across business functions and geographies.
  • Effectively scope, tailor, and triage incident information for diverse audiences, including C-suite executives, providing clear, concise, and timely updates.
  • Perform in-depth malware analysis, network forensics, log analysis, and reverse engineering to identify root causes, establish timelines, and uncover Indicators of Compromise (IOCs) and Tactics, Techniques, and Procedures (TTPs) both independently and in partnership with security, technology, and business roles.
  • Contribute significantly to the continuous review, refinement, and expansion of incident response playbooks, runbooks, and Standard Operating Procedures (SOPs), aligning them with industry best practices (e.g., NIST, MITRE) and our unique global context.
  • Embody a passion for growth and drive for continuous learning
  • Act as a coach and mentor to other analysts, elevating skills and contributing to overall uplift of our global cybersecurity capabilities.
  • Provide technical training sessions to various MDLZ global teams.
  • Perform "lessons learned" reviews for significant incidents, identifying systemic weaknesses and driving recommendations for security control improvements, architectural enhancements, and organizational changes to prevent recurrence.
  • Contribute to the team's expansive skill set across topics like reverse engineering, cloud security, process development, scripting in Python, PowerShell, Bash, C/C++, ICS protocols, AI-based automation, and more.
  • Monitor computer environments for security issues
  • Perform Threat Analysis on events reported by security tools, external parties, and internal SMEs
  • Investigate security breaches and other cybersecurity events / incidents
  • Contribute to Root Cause Analysis, Lessons Learned, and Corrective Action Reporting
  • Create executive summaries, status reports and supply metrics to relevant stakeholders independently
  • Participate in special projects as needed

Benefits

  • health insurance
  • wellness and family support programs
  • life and disability insurance
  • retirement savings plans
  • paid leave programs
  • education related programs
  • paid holidays and vacation time
  • highly competitive bonus program

What This Job Offers

Job Type

Full-time

Career Level

Mid Level

Education Level

High school or GED

Number of Employees

5,001-10,000 employees

© 2024 Teal Labs, Inc