Sr. Analyst, Cyber Security Governance, Risk & Compliance

Job Description

Are You Ready to Make It Happen at Mondelēz International?

Join our Mission to Lead the Future of Snacking. Make It Uniquely Yours.

You work with the information security team as a competent and experienced information security and compliance specialist.

As an individual contributor, the successful candidate will manage security risk assessments of both third parties and internal technologies as well as support the Business as Usual of the GRC department. In addition, the candidate will support and contribute to the training and awareness initiatives to support the MDLZ strategy. Candidate will also support any regional activities required under the Regional CISO responsibilities.
 

How you will contribute

GRC Management Responsibilities

Execute security risk assessments supporting the Risk Manager, including reporting, monitoring and issue management mainly but not limited to third-parties and applications.
Manage quarterly/annual/monthly review of risk acceptance, metrics and reporting.
Coordinate, manage and support the initiatives for security Training and Awareness, indicatively: Prepare the timeline of initiatives, coordinate necessary actions for trainings and table-top exercises, coordinate activities to support the communication strategy of the campaign, manage the phishing initiatives.  Prepare the appropriate metrics and reports.
 

Regional Responsibilities

Support monitoring and reporting for regional activities.
Support in key areas under CISO accountability including Data Security and Business Continuity.
Support in managing the framework in those areas.
 

More about this role

What extra ingredients you will bring:

3 years in Information Security field, with at least 2 years working in GRC.

Experience with GRC tools (e.g., Auditboard, Archer, etc) will be considered an asset.
Knowledge of security concepts and methodologies such as risk assessments, risk & controls, policies & standards, enterprise security strategies, network, and cloud security.
Experience in security awareness campaigns and initiatives.
Knowledge of security frameworks such as NIST, ISO27001.
Excellent written and verbal communications skills, including presentational skills and able to clearly communicate issues to management and other key stakeholders.

Business Unit Summary

At Mondelēz International, our purpose is to empower people to snack right by offering the right snack, for the right moment, made the right way. That means delivering a broad range of delicious, high-quality snacks that nourish life's moments, made with sustainable ingredients and packaging that consumers can feel good about.

We have a rich portfolio of strong brands globally and locally including many household names such as Oreo, belVita and LU biscuits; Cadbury Dairy Milk, Milka and Toblerone chocolate; Sour Patch Kids candy and Trident gum. We are proud to hold the top position globally in biscuits, chocolate and candy and the second top position in gum.

Our 80,000 makers and bakers are located in more than 80 countries and we sell our products in over 150 countries around the world. Our people are energized for growth and critical to us living our purpose and values. We are a diverse community that can make things happen—and happen fast.

Mondelēz International is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender, sexual orientation or preference, gender identity, national origin, disability status, protected veteran status, or any other characteristic protected by law.

Job Type