Senior Analyst, CSIRT
Mondelēz International

Job Description
About Mondelēz International
Join Mondelēz International in our mission to lead the future of snacking. Make it uniquely yours by becoming a key member of our information security team as a competent and experienced information security and compliance leader.
How You Will Contribute as a Senior Analyst, CSIRT
As a Senior Analyst, CSIRT, you will play a vital role in strengthening MDLZ security measures. Your responsibilities will include:
- Investigating and responding to security incidents effectively.
- Collaborating with cross-functional teams to drive resolution for complex cybersecurity issues.
- Contributing to robust Incident Response techniques, processes, and capabilities.
- Partnering on improvements within and outside the security domain to enhance team and organizational maturity.
What You Will Bring to the Team
We are looking for a candidate who will:
- Take ownership of enhancing our security posture and protecting MDLZ infrastructure.
- Be adept at technical writing and capable of communicating with both technical and nontechnical stakeholders, including C-suite, tailoring information to their roles and business priorities.
- Develop and execute comprehensive containment, eradication, and recovery strategies, prioritizing business continuity.
- Coordinate response activities with incident response teams, internal stakeholders, and external partners, following best-practice procedures.
- Perform in-depth malware analysis, network forensics, log analysis, and reverse engineering to identify root causes and uncover IOCs and TTPs.
- Contribute significantly to the continuous review, refinement, and expansion of incident response playbooks, runbooks, and SOPs, aligning with industry best practices (e.g., NIST, MITRE).
- Embody a passion for growth and drive for continuous learning.
- Act as a coach and mentor to other analysts, elevating skills and contributing to global cybersecurity capabilities.
- Provide technical training sessions to various MDLZ global teams.
- Perform "lessons learned" reviews for significant incidents, identifying systemic weaknesses and driving recommendations for security control improvements.
- Contribute to the team's expansive skill set across topics like reverse engineering, cloud security, process development, scripting in Python, PowerShell, Bash, C/C++, ICS protocols, and AI-based automation.
More About This Role: Global Cybersecurity Incident Response Team
Key aspects of this position include:
- Participation in a global Cybersecurity Incident Response Team with a rotational on-call schedule.
- Monitoring computer environments for security issues.
- Performing Threat Analysis on events from security tools, external parties, and internal SMEs.
- Investigating security breaches and other cybersecurity events/incidents.
- Contributing to Root Cause Analysis, Lessons Learned, and Corrective Action Reporting.
- Creating executive summaries, status reports, and supplying metrics to relevant stakeholders.
- Participating in special projects as needed.
Education & Certifications
- High school diploma, GED, or equivalent certification required.
- Bachelor's degree in Information Technology, Cybersecurity, Computer Science or a related field preferred.
- Professional certifications through bodies like CompTIA (Security+, CySA+), SANS-GIAC (GCIH, GDAT, GPEN, GCFE, GRID), ISC2 (CISSP), or OffSec (OSCP, OSIR) are highly valued.
Job Specific Requirements
- 3-6+ years' experience in Incident Response, Information Security, SOC, Forensics, Purple-teaming, or a related field.
- Knowledge/Experience in: SIEM (Splunk, Humio), SOAR (Cyware, Splunk, XSOAR), Endpoint Security (EDR like Carbon Black, CrowdStrike, Defender), Email Security (Proofpoint, O365 ATP), Firewalls, WAF, IDS/IPS, Web Content Filtering, Proxies, Database, Data Loss Prevention (DLP), Identity and Access Management (IAM), Cloud Computing Services, Scripting, MITRE ATT&CK Framework, NIST, Cloud Compute (AWS, GCP, Azure), Cloud Native Application Protection (Forcepoint ONE, Wiz, Orca).
Work Arrangement & Compensation
This is a remote position with core hours, based on geographical location and time zone, including one weekend on-call every 8 to 10 weeks. The base salary range is $122,000 to $167,750, supplemented by a highly competitive bonus program and comprehensive benefits including health insurance, retirement plans, paid leave, and more.
Key skills/competency
- Incident Response
- Cybersecurity
- Malware Analysis
- Network Forensics
- Log Analysis
- SIEM/SOAR
- EDR
- MITRE ATT&CK
- Cloud Security
- Technical Communication
How to Get Hired at Mondelēz International
- Research Mondelēz International's culture: Study their mission, values, recent news, and employee testimonials on LinkedIn and Glassdoor to align your application.
- Customize your resume for CSIRT: Highlight experience in incident response, forensic analysis, SIEM/SOAR tools, and cloud security, using keywords from the job description.
- Showcase relevant certifications: Emphasize professional certifications like CISSP, GCIH, or Security+ to demonstrate foundational and advanced cybersecurity expertise.
- Prepare for technical interviews: Expect questions on incident handling, threat analysis, malware investigation, network forensics, and specific security technologies mentioned.
- Demonstrate strong communication skills: Practice articulating complex technical issues to both technical peers and non-technical executives, as clear communication is crucial for this Senior Analyst, CSIRT role at Mondelēz International.