Senior Analyst, CSIRT jobs in United States

Mondelēz International · 14 hours ago

Senior Analyst, CSIRT

Mondelēz International is a leading company in the snacking industry, and they are seeking a Senior Incident Response Analyst to enhance their security measures. The role involves investigating and responding to security incidents, collaborating with various teams, and improving incident response processes.

Consumer Goods · Food and Beverage · Food Processing · Manufacturing
H1B Sponsor Likely

Responsibilities

Take ownership of enhancing our security posture and protecting MDLZ infrastructure
Be adept at technical writing
Capable of communicating with both technical and nontechnical stakeholders across all levels including C-suite with ability to scope, tailor, and triage information shared to the roles and business priorities of audiences
Develop and execute comprehensive containment, eradication, and recovery strategies, prioritizing business continuity and minimizing disruption to business processes. Coordinate response activities with incident response teams, internal stakeholders, and external partners. Follow established and best-practice incident response procedures while iterating as necessary for novel events
Collaborate closely with a wide range of technical and non-technical teams across business functions and geographies. Effectively scope, tailor, and triage incident information for diverse audiences, including C-suite executives, providing clear, concise, and timely updates
Perform in-depth malware analysis, network forensics, log analysis, and reverse engineering to identify root causes, establish timelines, and uncover Indicators of Compromise (IOCs) and Tactics, Techniques, and Procedures (TTPs) both independently and in partnership with security, technology, and business roles
Contribute significantly to the continuous review, refinement, and expansion of incident response playbooks, runbooks, and Standard Operating Procedures (SOPs), aligning them with industry best practices (e.g., NIST, MITRE) and our unique global context
Embody a passion for growth and drive for continuous learning
Act as a coach and mentor to other analysts, elevating skills and contributing to overall uplift of our global cybersecurity capabilities. Provide technical training sessions to various MDLZ global teams
Perform 'lessons learned' reviews for significant incidents, identifying systemic weaknesses and driving recommendations for security control improvements, architectural enhancements, and organizational changes to prevent recurrence
Contribute to the team's expansive skill set across topics like reverse engineering, cloud security, process development, scripting in Python, PowerShell, Bash, C/C++, ICS protocols, AI-based automation, and more
Monitor computer environments for security issues
Perform Threat Analysis on events reported by security tools, external parties, and internal SMEs
Investigate security breaches and other cybersecurity events / incidents
Contribute to Root Cause Analysis, Lessons Learned, and Corrective Action Reporting
Create executive summaries, status reports and supply metrics to relevant stakeholders independently
Participate in special projects as needed

Qualification

Incident Response, Malware Analysis, Network Forensics, Cybersecurity Compliance, Scripting, Cloud Security, SIEM Tools, Incident Response Procedures, Technical Writing, Coaching, Executive Reporting, Lessons Learned Reviews, Communication Skills, Mentoring, Continuous Learning, Team Collaboration, Problem Solving

Required

High school diploma, GED, or equivalent certification
3-6+ years' experience in Incident Response, Information Security, SOC, Forensics, Purple-teaming, or related field
Knowledge/Experience in SIEM (e.g., Splunk, Humio), SOAR (e.g., Cyware, Splunk, XSOAR), Endpoint Security (EDR) (e.g., CarbonBlack, Crowdstrike, Defender), Email Security (e.g., Proofpoint, O365 ATP), Firewalls, WAF, IDS/IPS, Web Content Filtering, Proxies, Database, Data Loss Prevention (DLP), Identity and Access Management (IAM), Cloud Computing Services, Scripting, MITRE ATT&CK Framework and Incident Response, NIST, Cloud Compute (e.g., AWS, GCP, Azure), Cloud Native Application Protection (e.g., Forcepoint ONE, Wiz, Orca)

Preferred

Bachelor's degree in Information Technology, Cybersecurity, Computer Science or related field
Hold professional certifications through certifying bodies like CompTIA: Security+, CySA+; SANS-GIAC: GCIH, GDAT, GPEN, GCFE, GRID; ISC2: CISSP; OffSec: OSCP, OSIR

Benefits

Health insurance
Wellness and family support programs
Life and disability insurance
Retirement savings plans
Paid leave programs
Education related programs
Paid holidays and vacation time

Company

Mondelēz International

Mondelēz International, Inc.

H1B Sponsorship

Mondelēz International has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Additional information is presented below for your reference. (Data Powered by US Department of Labor)
Trends of Total Sponsorships
2025 (3)
2024 (1)
2022 (1)

Funding

Current Stage: Public Company
Total Funding: $1.5B
2024-02-21 · Post-IPO Debt · $1.5B
2001-06-13 · IPO

Leadership Team

Dirk Van de Put, Chairman & CEO
Rajesh Ramanathan, Senior Vice President - Asia Pacific, Middle East & Africa
Company data provided by crunchbase