Senior Hunting Intelligence Analyst

Mondelēz International•San Antonio, TX

10d•$109,000 - $149,875•Remote

About The Position

Are You Ready to Make It Happen at Mondelēz International? Join our Mission to Lead the Future of Snacking. Make It Uniquely Yours. We are seeking a highly skilled and motivated Senior Threat Hunting Intelligence Analyst to join our Global Cyber Security team. This role blends proactive threat hunting with intelligence analysis, while also contributing to the development and operation of our internal security tooling. You will shape and enhance our global threat hunting and intelligence programs by advancing platform maturity, automation, and intelligence tradecraft. You will advise governance, technical teams, and business leadership on findings, risks, and mitigation strategies to reduce operational exposure As both a hands-on technical expert and strategic contributor, you will work closely with Security Operations, Incident Response, Detection Engineering, Offensive Security, and key enterprise stakeholders. Success in this role requires deep experience translating threat intelligence into actionable detection opportunities, identifying and mapping coverage gaps, and driving threat-informed improvements across detection, response, and defensive posture. What you will bring: A desire to drive your future and accelerate your career. The United States is the largest market in the Mondelēz International family with a significant employee and manufacturing footprint. Here, we produce our well-loved household favorites to provide our consumers with the right snack, at the right moment, made the right way. We have corporate offices, sales, manufacturing and distribution locations throughout the U.S. to ensure our iconic brands—including Oreo and Chips Ahoy! cookies, Ritz, Wheat Thins and Triscuit crackers, and Swedish Fish and Sour Patch Kids confectionery products —are close at hand for our consumers across the country. Mondelēz Global LLC is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, protected Veteran status, sexual orientation, gender identity, gender expression, genetic information, or any other characteristic protected by law. Applicants who require accommodation to participate in the job application process may contact 847-943-5460 for assistance. For more information about your Federal rights, please see eeopost.pdf; EEO is the Law Poster Supplement; Pay Transparency Nondiscrimination Provision; Know Your Rights: Workplace Discrimination is Illegal At Mondelēz International, our purpose is to empower people to snack right through offering the right snack, for the right moment, made the right way. That means delivering a broader range of delicious, high-quality snacks that nourish life's moments, made with sustainable ingredients and packaging that consumers can feel good about. We have a rich portfolio of strong brands – both global and local. Including many household names such as Oreo, belVita and LU biscuits; Cadbury Dairy Milk, Milka and Toblerone chocolate; Sour Patch Kids candy and Trident gum. We are proud to hold the number 1 position globally in biscuits, chocolate and candy as well as the No. 2 position in gum Our 80,000 Makers and Bakers are located in our operations in more than 80 countries and are working to sell our products in over 150 countries around the world. They are energized for growth and critical to us living our purpose and values. We are a diverse community that can make things happen, and happen fast. Join us and Make It An Opportunity!

Requirements

3-5 years of experience in Information Security.
3–5 years of hands-on experience in threat hunting, including hypothesis-driven hunts using internal telemetry.
2-3+ years of experience in cyber threat intelligence, intelligence analysis, cyber operations, or cyber risk management.
Strong written and verbal communication skills, with the ability to tailor analysis to technical and executive audiences.
Ability to work independently, lead initiatives with supervision, and maintain clarity under pressure.
High school diploma, GED, or equivalent certification.
Bachelor’s degree preferred.

Nice To Haves

Experience executing threat hunting strategy and roadmap at an enterprise level.
Experience implementing, operating, and automating a threat intelligence platform (TIP), including integrations with SIEM, SOAR, EDR, and external intelligence sources.
Experience designing or leading intelligence-driven threat hunting programs.
Experience working in or alongside Purple Team functions, collaborating with offensive and defensive teams to execute adversary emulation or TTP-based exercises.
Familiarity with MITRE ATT&CK and its application across intelligence analysis, threat hunting, and detection validation.
Experience translating intelligence into hunting rules, response improvements, or control validation.
Strong analytical mindset with the ability to synthesize large volumes of data into actionable insights.
Ability to translate technical findings and details to business leaders and stakeholders to portray an accurate picture of risk reductions
Strong desire to continuously learn and adapt to evolving threats, technologies, and intelligence methodologies.
Relevant certifications such as GCTI, GCIH, CISSP, OCSP, or equivalent.
Familiarity with modern development and automation practices, including Agile methodologies, GitOps workflows, and scripting languages such as Python to support automation, tooling development, and repeatable analysis processes.

Responsibilities

Designing and executing intelligence-driven, hypothesis-driven, and behavioral threat hunts across endpoint, network, cloud, and identity telemetry.
Developing and refining detection logic, hunting playbooks, and analytics to reduce dwell time, improve detection capabilities, and identify gaps in the environment.
Leading and executing intelligence‑driven threat hunting operations by fusing internal telemetry with external threat intelligence to proactively uncover adversary activity, identify anomalies, and highlight gaps in defensive controls.
Collaborating closely with detection engineering teams to operationalize hunt findings, transforming validated behaviors and adversary TTPs into scalable, production‑grade detection logic.
Translating adversary behaviors and campaign intelligence into actionable improvements for detections, response playbooks, and control validation.
Performing intrusion analysis and kill-chain analysis to understand attack paths, identify security gaps, and recommend hardening measures.
Developing and maintaining repeatable hunt methodologies, frameworks, and playbooks to scale threat hunting operations and promote analytical rigor.
The cyber threat intelligence lifecycle, intelligence requirements, collection methodologies, and analytic best practices.
Supporting adversary attribution and clustering threat activity by identifying and tracking TTPs, infrastructure, and behavioral patterns to map intrusions to specific threat actors and maintain visibility into evolving campaigns
Collecting, analyzing, and contextualizing threat intelligence from multiple sources (OSINT, commercial feeds, ISACs, dark web) to identify threats relevant to Mondelēz International.
Conducting adversary infrastructure research and analytic pivoting to identify, correlate, and track related threat infrastructure.
Supporting the maturation of threat hunting and intelligence capabilities, including processes, tooling, automation, and intelligence-led security operations.
Knowledge of threat intelligence standards and technologies, including MITRE ATT&CK, STIX/TAXII, kill chain modeling, the Diamond Model of Intrusion Analysis, and structured analytic techniques such as the Analysis of Competing Hypothesis (AHC).
Monitoring emerging cyber threats, geopolitical risks, and regulatory developments and assessing their impact on international operations.
Proficient in analyzing indicators of compromise (IOCs), TTPs, malware families, and adversary infrastructure to support detection engineering and threat hunts.
Producing, reviewing, and editing high-quality intelligence products tailored to executive, technical, and operational audiences.
Effectively communicating analytic methodology, tasking, and operational guidance to internal teams and stakeholders, in alignment with Intelligence Community standards such as ICD 203 and ICD 206.