Security Operations and Cyber Incident Response Lead
East Hanover, NJ

Job Description

Mondelez International, Inc. empowers people to snack right in over 160 countries around the world. We're leading the future of snacking with iconic brands such as Oreo, belVita and LU biscuits; Cadbury Dairy Milk, Milka and Toblerone chocolate; Sour Patch Kids candy and Trident gum. Our 90,000 colleagues around the world are key to the success of our business. Great people and great brands. That's who we are.

Join us on our mission to continue leading the future of snacking around the world by offering the right snack, for the right moment, made the right way.

In Information Systems, you'll connect and empower every aspect of our global organization through excellence in technology and services. This includes investing in growth-enabling solutions as well as systems that integrate our supply chain from procurement to manufacturing, and customer service to logistics. You'll help Mondelēz (MDLZ) International implement the right business capabilities, powered by better information.

The Security Operations and Cyber Incident Response Lead is responsible for developing the strategy and vision for the Security Operations team, and the execution of the responsibilities within the Security Operations and Cyber Incident Response functions. This role is accountable for the key security operations areas, including but not limited to, incident response, data loss prevention, security monitoring, security analytics and reporting. This individual will manage the relationships with key IT stakeholders across the organization providing efficient and consistent security operations services to continuously recommend improvement opportunities to create better lines of defense. The incumbent is responsible to monitor the different lines of defense and manage better through analytics and penetration testing allowing Mondelez to close on all vulnerabilities. This role needs to have a clear line of sight on the issues and gaps resulting from the security monitoring activities and security operations center to suggest innovative and faster ways addressing incident response. The incumbent is also responsible to use the analytics to provide insight to other security leads in order to enhance policies and processes related to Risk Management, Security Program Management, and Security Governance.

* Oversee the planning, budgeting and directing of all Security Operations activities across the teams.
* Oversee the Incident Response (IR) programs, including reviewing status provided on level 2 and 3 risks and high-level monitoring of all IR activities and alignment to Mondelez's IR Plan.
* Review the analytics and ensure that relevant parties are involved for required forensics issues/risks that span legal, compliance and regulatory requirements, (e.g., Legal, Data Protection, General Counsel, Vulnerability and forensics).
* Define and unify across all lines of defense, the security monitoring expectations and goals in alignment with Mondelez's Information Security strategy.
* Approve, or coordinate approval for, security monitoring policies, procedures, standards and roles and responsibilities.
* Oversee a team to provide monitoring and response to security events, alerts and reports identified via implemented security tools
* Identify opportunities for enhanced coverage of threat intelligence and security monitoring and recommend solutions that could be implemented to create better lines of defense.
* Review status updates provided by the Vulnerability and Threat Management team, and the 3rd party risk managers who manage the relationship with the managed service provider(s), on an ongoing basis.
* Oversee the management of anti-malware technologies on systems including the performance of anti-malware technologies, patterns in attacks to set the strategies and policies related to updating security control needs and configurations based on security standard requirements.
* Review status provided by the Vulnerability Management Project Managers, including logging and monitoring progress, and monitoring of vulnerability treatment by Mondelez and suggest improvement areas.
* Bachelor's degree, preferably in IT
* Minimum of 15 years of experience in security, or other relevant IT domains
* Understanding and technical knowledge of Security Operations concepts, including but not limited to, incident response, data loss prevention, security monitoring, threat management, host security and vulnerability management.
* Demonstrable strong management skills, including the ability to develop, mentor and coach others.
* Strong written and oral executive communication, including up to the C-level.
* Experience in working in large or federated enterprises, preferably in the Consumer Products and FMCG industries.
* Ability to describe cyber risk from an operating perspective to provide consulting guidance and build relationships.
* Ability to design and evaluate processes to build security functions and review processes for ongoing improvement.
* Ability to development information security operations operating plans consistent with the strategy and vision.
* Ability to delegate work to team members and provide clear and effective guidance on implementation of processes.
* Ability to use data and run the appropriate analytics in order to further work through the data.
* Professional certifications are a plus:
* Certified Information Systems Manager (CISM)
* Certified Information Systems Security Professional (CISSP)
* Certified in Risk and Information Systems Control (CRISC)
* Certified in the Governance of Enterprise IT (CGEIT)
* Certified Information Systems Auditor (CISA)
* Certified Protection Profession (CPP)

Mondelēz Global LLC is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, protected Veteran status, sexual orientation, gender identity, gender expression, genetic information, or any other characteristic protected by law

Applicants must complete all required steps in the application process, including providing a Resume/CV, in order to be considered for this position.