Mondelēz International, Inc. empowers people to snack right in over 150 countries around the world. We're leading the future of snacking with iconic brands such as Oreo, belVita and LU biscuits; Cadbury Dairy Milk, Milka and Toblerone chocolate; Sour Patch Kids candy and Trident gum. Our 80,000 colleagues around the world are key to the success of our business. Great people and great brands. That's who we are.
Join us on our mission to continue leading the future of snacking around the world by offering the right snack, for the right moment, made the right way. It's time for you to Make It with Mondelēz International.
In Information Systems, you'll connect and empower every aspect of our global organization through excellence in technology and services. This includes investing in growth-enabling solutions as well as systems that integrate our supply chain from procurement to manufacturing, and customer service to logistics. You'll help Mondelēz International implement the right business capabilities, powered by better information
The Security Monitoring and Threat Manager is responsible for designing and supporting all elements of the security monitoring program running within security operations. The incumbent will work closely with the security and threat center to ensure that monitoring logs from network devices, hosts, files, databases and privileged user access are consolidated, reviewed and centrally stored, in order to identify or be alerted to events, including anomalous events, that require further investigation and may trigger the incident response process covered in the incident response plan.
Maintain security logging standards and procedures across infrastructure, applications and databases
Implement security event and log creation requirements by configuring a Security Information and Event Management (SIEM)
Maintain information security monitoring standards and procedures
Manage log storage and analysis technologies to ensure proper monitoring of threats
Review threat intelligence reports to focus monitoring efforts
Monitor indicators of compromise related to advanced, targeted attackers
Coordinate with the security monitoring and threat center to collect the security event logs to the central SIEM and identify anomalies and improvement areas to address and reduce non-compliance
Provide recommendations based on best practices and experience to develop processes that will enhance efficiencies needed to perform security related responsibilities
Identify threats and manage the threat profile of Mondelez
Develop models for identifying incident-type activity, whether malware or threat actors, leveraging statistical analysis
Review incident logs/records and proactively mine for patterns to monitor risks
Explore patterns in the network and system activity through log correlation using selected tools
Understand the current threat landscape and provide input to the security and threat monitoring center on areas of focus
Strong background in Information/Technical Information Security, with a minimum of 7 years of IT, Cybersecurity, or some combination of both.
Experience with network security analysis using detection systems
Extensive experience conducting analysis and using the data properly
Strong understanding of logging concepts, including logging at different levels, i.e., network, host, operating system, database, application, and different types of logs, e.g., system events, records.
Experience working with security monitoring information and event management tools (i.e., SIEM tools).
Ability to interface with teams across the CISO function and guide them on threats and security risks
Ability to design, evaluate and document processes and lead teams in accomplishing process review and improvement.
Strong understanding of information security across all security domains and the relationship between threats, vulnerabilities and information value in the context of risk management.
Knowledge of threat management related concepts, including attack vectors and modes of operation, threat actors, scope and modes of operation of known threats, patterns related to cyber threats, etc.
Understanding of networking technologies, vulnerabilities and attacks and operation of malicious code and exploitations.
Professional certifications are a plus but not required:
Certified Information Systems Security Professional (CISSP)
Certified in Risk and Information Systems Control (CRISC)
Certified in the Governance of Enterprise IT (CGEIT)
Mondelēz Global LLC is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, protected Veteran status, sexual orientation, gender identity, gender expression, genetic information, or any other characteristic protected by law. Applicants who require accommodation to participate in the job application process may contact 847-943-5460 for assistance.
Applicants must complete all required steps in the application process, including providing a Resume/CV, in order to be considered for this position.
Mondelez International, Inc.