• Configure, troubleshoot, and maintain security infrastructure. • Respond to security alerts through investigation, documentation, and taking action as needed. • Provide audit support through evidence collection and implementing security controls. • Perform security assessments to support risk assessment and management activities. • Identify opportunities to improve security infrastructure and configurations. • Work cross-functionally with other teams on security initiatives.

Job Description Are You Ready to Make It Happen at Mondelēz International? Join our Mission to Lead the Future of Snacking. Make It Uniquely Yours. As an individual contributor, the successful candidate will be proficient at managing risk assessments of both third parties and internal technologies. In addition, the candidate will be performing compliance activities related to technology assurance areas around access management, vulnerability management and configuration management. Candidate will also demonstrate ability and experience in governance related activities including administrative management of risk and control registers as well as policies and standards. How you will contribute Risk Management Responsibilities - Execute risk assessment testing supporting the Risk Manager. - Document risk assessment results. - Support Risk Manager in drafting risk assessment reports. - Perform administrative management of risk register (additions/editions/deletions, etc). - Document risk acceptance/exemptions that have been approved per the program. - Manage quarterly/annual review of risk acceptance/exceptions. - Manage risk assessment results in relevant dashboards. - Document Issues and Remediation activities for all exceptions noted during risk assessments. Compliance Responsibilities - Perform quarterly compliance assurance testing. - Document compliance testing results. - Maintain Management Action Plan (MAP) catalog with due dates. - Manage monthly audit MAPs. Includes the timely communication of open MAPs an escalation as needed of risks to completing MAPs at their agreed delivery dates. - Perform administrative activities in GRC Solution for compliance related activities. - Provide administrative support for ad-hoc external audits. - Provide administrative support for internal audits. - Support compliance program reporting activities. Requirements - 3 years in Information Security field, with at least 2 years working in GRC. - Experience with GRC tools (e.g., Archer). - Knowledge of security concepts and methodologies such as risk assessments, risk & controls, policies & standards, enterprise security strategies, network, and cloud security. - Knowledge of security frameworks such as CIS and NIST. - Excellent written and verbal communications skills, including presentational skills and able to clearly communicate issues to management and other key stakeholders. Business Unit Summary At Mondelēz International, our purpose is to empower people to snack right by offering the right snack, for the right moment, made the right way. That means delivering a broad range of delicious, high-quality snacks that nourish life's moments, made with sustainable ingredients and packaging that consumers can feel good about. We have a rich portfolio of strong brands globally and locally including many household names such as Oreo, belVita and LU biscuits; Cadbury Dairy Milk, Milka and Toblerone chocolate; Sour Patch Kids candy and Trident gum. We are proud to hold the top position globally in biscuits, chocolate and candy and the second top position in gum. Our 80,000 makers and bakers are located in more than 80 countries and we sell our products in over 150 countries around the world. Our people are energized for growth and critical to us living our purpose and values. We are a diverse community that can make things happen-and happen fast. Mondelēz International is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender, sexual orientation or preference, gender identity, national origin, disability status, protected veteran status, or any other characteristic protected by law. Job Type Regular Information Security Technology & Digital

We do Consulting Differently Job Summary BRG is seeking a Cybersecurity Analyst to support cybersecurity monitoring, investigation, and response activities across Microsoft 365, cloud services, and identity platforms. The role focuses on security event triage, incident support, remediation coordination, and validation of security controls aligned to BRG standards (least privilege, secure configuration baselines, and audit-ready documentation). The position requires prior cybersecurity experience and the ability to operate both independently and within a structured team environment. Reporting Relationships Reports to: Senior IT Manager – Cybersecurity Key Contacts - Cybersecurity Engineering and Cybersecurity Operations teams - Infrastructure, System Administration, and Network teams - Risk & Compliance (as needed for control evidence and audit support) Major Responsibilities / Job Functions - Monitor and triage security alerts and events across Microsoft security platforms and related tooling, documenting findings, severities, and recommended actions in accordance with established procedures. - Conduct initial investigation and evidence collection for security incidents involving identity compromise, endpoint threats, suspicious email activity, and cloud security findings; escalate complex or high-severity cases to senior staff. - Coordinate and track remediation efforts for security findings (vulnerabilities, misconfigurations, risky sign-ins), including verification, closure documentation, and status reporting. - Support identity and access security processes, including privileged access workflows, access reviews, and enforcement/validation of baseline identity controls aligned to least-privilege standards and approval requirements. - Support user and access management activities within a tiered Active Directory security model, including adherence to administrative tiering, privileged account separation, and controlled role assignment practices across Active Directory and Entra ID. - Assist with routine security control validation across Microsoft 365 and cloud services, including posture checks, policy effectiveness verification, and operational reporting. - Maintain and improve operational documentation (runbooks, SOPs, knowledge articles) based on recurring work, trend analysis, and lessons learned. - Participate in scheduled maintenance windows and security validation activities as needed. Knowledge, Skills, and Behaviors - Demonstrated cybersecurity fundamentals and practical experience triaging alerts, validating suspicious activity, and documenting incident findings. - Working knowledge of identity security concepts and telemetry, including Entra ID/Azure AD sign-in activity, risky users/sign-ins, roles/groups, MFA, and conditional access principles. - Strong background in Active Directory, Entra ID (Azure AD), and enterprise user lifecycle/access management, including provisioning/deprovisioning, group-based access, privileged account handling, and access governance practices in a tiered AD environment. - Familiarity with Microsoft security tooling and workflows (Microsoft Defender and/or Microsoft Sentinel), including log review and evidence collection; KQL familiarity is preferred. - Hands-on familiarity with vulnerability and security monitoring platforms, including Tenable/Nessus (including Tenable.io), Netwrix, and Zscaler, with the ability to interpret findings and support remediation tracking. - Understanding of endpoint and server security concepts on Windows platforms, including common attack patterns, persistence indicators, and response actions. - Strong written and verbal communication skills with the ability to document technical information clearly for both technical and non-technical audiences. - Strong organizational skills with the ability to manage multiple priorities and maintain attention to detail in a regulated enterprise environment. - Familiarity with PowerShell or automation concepts is preferred; ability to use existing scripts and procedures safely is valued. Education and Experience - Bachelor’s degree in Information Technology, Cybersecurity, Computer Science, or related field; equivalent practical experience considered. - Minimum of two (2) years of hands-on cybersecurity experience in security monitoring, incident response support, threat triage, or a related security-focused role. - Relevant certifications are a plus (not required), such as Security+, SC-200, AZ-500, or equivalent. Other Requirements - Ability to travel occasionally for key meetings or collaboration sessions, as needed. - Availability to participate in periodic after-hours incident support in rotation, as applicable. Salary Range: $90,000-$120,000 Candidate must be able to submit verification of his/her legal right to work in the U.S., without company sponsorship. #LI-SJ1 About BRG BRG combines world-leading academic credentials with world-tested business expertise and purpose-built emerging technologies. Our culture centers on agility and connectivity which sets us apart and gets you ahead. At BRG, our professionals include specialist consultants, industry experts, renowned academics, and leading-edge data scientists. Together, they bring a diversity of real-world experience, data, and human and artificial intelligence, to economics, disputes, and investigations; corporate finance; and performance improvement services that address the most complex challenges facing organizations across the globe. Our unique structure nurtures the interdisciplinary relationships that give us the edge, laying the groundwork for more informed insights and more original, incisive thinking. When paired with our global reach and resources, our diverse perspectives and technical capabilities make us uniquely capable to address our clients’ challenges. We get results because we know how to apply our thinking to your world. At BRG, we don’t just show you what’s possible. We’re built to help you make it happen. BRG is proud to be an Equal Opportunity Employer. Our hiring practices provide equal opportunity for employment without regard to race, religion, color, sex, gender, national origin, age, United States military veteran status, ancestry, sexual orientation, marital status, family structure, medical condition including genetic characteristics or information, veteran status, or mental or physical disability so long as the essential functions of the job can be performed with or without reasonable accommodation, or any other protected category under federal, state, or local law.

• Support our healthcare partners & help them thrive at Meduit! • Implement and manage Microsoft Purview for data protection • Investigate alerts from CrowdStrike, Azure Defender, and Rapid7 InsightIDR • Support endpoint security and hardening efforts • Review and prioritize vulnerabilities using Rapid7 InsightVM • Monitor identity security, MFA, and Conditional Access in Azure/Entra ID • Document investigations and remediation steps • Collaborate with IT teams to resolve security issues