Mondelēz International

Senior Analyst, CSIRT

full-time

Location Type: Remote

Location: Illinois, Virginia, United States

Salary

💰 $122,000 - $167,750 per year

About the role

  • Take ownership of enhancing our security posture and protecting MDLZ infrastructure
  • Be adept at technical writing and capable of communicating with both technical and nontechnical stakeholders at all levels, including the C-suite, with the ability to scope, tailor, and triage the information shared to the roles and business priorities of each audience
  • Develop and execute comprehensive containment, eradication, and recovery strategies, prioritizing business continuity and minimizing disruption to business processes
  • Coordinate response activities with incident response teams, internal stakeholders, and external partners
  • Follow established and best-practice incident response procedures while iterating as necessary for novel events
  • Collaborate closely with a wide range of technical and non-technical teams across business functions and geographies
  • Effectively scope, tailor, and triage incident information for diverse audiences, including C-suite executives, providing clear, concise, and timely updates
  • Perform in-depth malware analysis, network forensics, log analysis, and reverse engineering to identify root causes, establish timelines, and uncover Indicators of Compromise (IOCs) and Tactics, Techniques, and Procedures (TTPs) both independently and in partnership with security, technology, and business roles
  • Contribute significantly to the continuous review, refinement, and expansion of incident response playbooks, runbooks, and Standard Operating Procedures (SOPs), aligning them with industry best practices (e.g., NIST, MITRE) and our unique global context
  • Embody a passion for growth and drive for continuous learning
  • Act as a coach and mentor to other analysts, elevating skills and contributing to overall uplift of our global cybersecurity capabilities
  • Provide technical training sessions to various MDLZ global teams
  • Perform "lessons learned" reviews for significant incidents, identifying systemic weaknesses and driving recommendations for security control improvements, architectural enhancements, and organizational changes to prevent recurrence

Requirements

  • 3-6+ years' experience in Incident Response, Information Security, SOC, Forensics, Purple-teaming, or related field
  • Knowledge/Experience in: SIEM (e.g., Splunk, Humio), SOAR (e.g., Cyware, Splunk, XSOAR), Endpoint Security (EDR) (e.g., CarbonBlack, Crowdstrike, Defender), Email Security (e.g., Proofpoint, O365 ATP), Firewalls, WAF, IDS/IPS, Web Content Filtering, Proxies, Database, Data Loss Prevention (DLP), Identity and Access Management (IAM), Cloud Computing Services, Scripting, MITRE ATT&CK Framework and Incident Response, NIST, Cloud Compute (e.g., AWS, GCP, Azure), Cloud Native Application Protection (e.g., Forcepoint ONE, Wiz, Orca)
  • High school diploma, GED, or equivalent certification
  • Bachelor's degree preferred, in Information Technology, Cybersecurity, Computer Science, or a related field
  • Hold professional certifications through certifying bodies like: CompTIA: Security+, CySA+; SANS-GIAC: GCIH, GDAT, GPEN, GCFE, GRID; ISC2: CISSP; Offsec: OSCP, OSIR