• Experiência sólida em Resposta a Incidentes, SOC/CSIRT ou funções correlatas, com atuação em incidentes de média/alta criticidade. • Domínio do ciclo de IR (preparação, detecção/análise, contenção, erradicação, recuperação e pós-incidente), com foco em execução consistente e auditável. • Vivência com SIEM e EDR/XDR, análise de logs/eventos, investigação de alertas e correlação de evidências. • Conhecimento aprofundado de Windows, Linux e macOS, incluindo análise de artefatos relevantes para IR. • Sólidos fundamentos de redes e protocolos, arquitetura de segurança e análise de comunicações suspeitas. • Conhecimento e aplicação de frameworks/padrões (ex.: MITRE ATT&CK, NIST SP 800-61, SANS IR). • Experiência em investigações em ambientes cloud (ex.: IAM, trilhas de auditoria, logs nativos, postura e respostas). • Automação e scripting (Python/PowerShell/Bash) para acelerar coleta, triagem e análise. • Experiência com integração e uso de threat intelligence (feeds, IOCs, enriquecimento e priorização).

Job Description Are You Ready to Make It Happen at Mondelēz International? Join our Mission to Lead the Future of Snacking. Make It Uniquely Yours. As an individual contributor, the successful candidate will be proficient at managing risk assessments of both third parties and internal technologies. In addition, the candidate will be performing compliance activities related to technology assurance areas around access management, vulnerability management and configuration management. Candidate will also demonstrate ability and experience in governance related activities including administrative management of risk and control registers as well as policies and standards. How you will contribute Risk Management Responsibilities - Execute risk assessment testing supporting the Risk Manager. - Document risk assessment results. - Support Risk Manager in drafting risk assessment reports. - Perform administrative management of risk register (additions/editions/deletions, etc). - Document risk acceptance/exemptions that have been approved per the program. - Manage quarterly/annual review of risk acceptance/exceptions. - Manage risk assessment results in relevant dashboards. - Document Issues and Remediation activities for all exceptions noted during risk assessments. Compliance Responsibilities - Perform quarterly compliance assurance testing. - Document compliance testing results. - Maintain Management Action Plan (MAP) catalog with due dates. - Manage monthly audit MAPs. Includes the timely communication of open MAPs an escalation as needed of risks to completing MAPs at their agreed delivery dates. - Perform administrative activities in GRC Solution for compliance related activities. - Provide administrative support for ad-hoc external audits. - Provide administrative support for internal audits. - Support compliance program reporting activities. Requirements - 3 years in Information Security field, with at least 2 years working in GRC. - Experience with GRC tools (e.g., Archer). - Knowledge of security concepts and methodologies such as risk assessments, risk & controls, policies & standards, enterprise security strategies, network, and cloud security. - Knowledge of security frameworks such as CIS and NIST. - Excellent written and verbal communications skills, including presentational skills and able to clearly communicate issues to management and other key stakeholders. No Relocation support available Business Unit Summary At Mondelēz International, our purpose is to empower people to snack right by offering the right snack, for the right moment, made the right way. That means delivering a broad range of delicious, high-quality snacks that nourish life's moments, made with sustainable ingredients and packaging that consumers can feel good about. We have a rich portfolio of strong brands globally and locally including many household names such as Oreo, belVita and LU biscuits; Cadbury Dairy Milk, Milka and Toblerone chocolate; Sour Patch Kids candy and Trident gum. We are proud to hold the top position globally in biscuits, chocolate and candy and the second top position in gum. Our 80,000 makers and bakers are located in more than 80 countries and we sell our products in over 150 countries around the world. Our people are energized for growth and critical to us living our purpose and values. We are a diverse community that can make things happen-and happen fast. Mondelēz International is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender, sexual orientation or preference, gender identity, national origin, disability status, protected veteran status, or any other characteristic protected by law. Job Type Regular Information Security Technology & Digital

DEADLINE FOR APPLICATIONS 29 May 2026-23:59-GMT+01:00 Central European Time (Rome) WFP celebrates and embraces diversity. It is committed to the principle of equal employment opportunity for all its employees and encourages qualified candidates to apply irrespective of race, colour, national origin, ethnic or social background, genetic information, gender, gender identity and/or expression, sexual orientation, religion or belief, HIV status or disability. ABOUT WFP The World Food Programme is the world’s largest humanitarian organization saving lives in emergencies and using food assistance to build a pathway to peace, stability and prosperity, for people recovering from conflict, disasters and the impact of climate change. At WFP, people are at the heart of everything we do and the vision of the future WFP workforce is one of diverse, committed, skilled, and high performing teams, selected on merit, operating in a healthy and inclusive work environment, living WFP's values (Integrity, Collaboration, Commitment, Humanity, and Inclusion) and working with partners to save and change the lives of those WFP serves. To learn more about WFP, visit our website: https://www.wfp.org and follow us on social media to keep up with our latest news: YouTube, LinkedIn, Instagram, Facebook, Twitter, TikTok. WHY JOIN WFP? - WFP is a 2020 Nobel Peace Prize Laureate. - WFP offers a highly inclusive, diverse, and multicultural working environment. - WFP invests in the personal & professional development of its employees through a range of training, accreditation, coaching, mentorship, and other programs as well as through internal mobility opportunities. - A career path in WFP provides an exciting opportunity to work across the various country, regional and global offices around the world, and with passionate colleagues who work tirelessly to ensure that effective humanitarian assistance reaches millions of people across the globe. - We offer an attractive compensation package (please refer to the Terms and Conditions section of this vacancy announcement). JOB TITLE: Security Analyst TYPE OF CONTRACT: Consultant (Regular) UNIT/DIVISION: SEC/Security Analysis DUTY STATION (City, Country): Paris - working remotely BACKGROUND AND PURPOSE OF THE ASSIGNMENT: Under the supervision of the Head of the Security Analysis, the Consultant conducts analysis and supports security information management by providing information products, based on the assessment of the security situation and its impact on WFP operations, staff and assets. The Consultant contributes to the WFP Security capacity to acquire, process and effectively communicate security threat information, supporting decision-making and ensuring increased visibility of the WFP Security function through adequate reflection of security-related information in corporate products. ACCOUNTABILITIES/RESPONSIBILITIES: - Provide security analysis, assessing implications for WFP personnel, assets and operations to support decisions on security risk management which enable WFP programme delivery, implementation of WFP access strategy, enhanced conflict-sensitive, gender-sensitive programming and protection-related efforts. - Contribute to the management of information relevant to security, including acquisition, examination, collation, analysis and dissemination, exercising good understanding of business requirements and supporting planning and decision-making at the operational level. - Conduct research on security threats and risks, identifying appropriate sources and validating acquired information to ensure its relevance, reliability and accuracy that contributes to comprehensive security analysis. - Prepare security updates, security analysis reports, statistics-and trend analysis; support other security reports with relevant information. - Monitor security incidents, daily and weekly situation reports, local media and other open sources to support security analysis, ensuring that it is based on a wide range of reliable sources. - Address security information requirement by applying agreed approaches and methodologies in security analysis consistent with WFP and wider United Nations security information management policies, guidelines and procedures. - Contribute to research on specific threat factors to support activities of the Crisis Management Team, contributing to the effective response to specific security incidents. - Provide inputs for presentations and briefings to WFP personnel, donors and partners on security developments in specific countries/regions, as appropriate. - Participate in field missions within area of responsibility to know WFP programmes and gather first-hand information on security situation for comprehensive security analysis and developing source networks. - Contribute to the development of security information management guidelines and procedures to improve security reporting and analysis. - Create and provide training for field-based personnel on reporting and analysis. - Maintain effective mechanisms on security information exchanges within area of responsibility. - Maintain collaboration within and outside WFP for effective information sharing on security situation, threat and risk assessments, to comprehensive security analysis and cross­ functional interaction. - Take part in activities and events within the WFP security analysis function, contributing to its cohesion and enhanced interaction between WFP security analysts. - Provide support in operational security matters. - Perform other duties as required. DELIVERABLES AT THE END OF THE CONTRACT: Full completion of all tasks assigned within the contract period. QUALIFICATIONS & EXPERIENCE REQUIRED: Knowledge & Skills: - Knowledge and understanding of methodologies for information collection, collation and analysis. - Excellent analytical and English drafting skills. - Proven ability to conduct research projects and perform studies on security and political matters. ' - Proven ability to produce analytical reports on security and political issues, preferably in the international perspective. - Proven ability to communicate complex concept orally and in writing. - Ability to appreciate sources, resources and information in terms of relevance and credibility. - Ability to identify priority activities and assignments, effectively manage workload. - Ability to work under strict deadlines. - Ability to manage several tasks simultaneously. Languages: - Fluency in written and spoken English. Intermediate knowledge of al) other official UN language (Arabic, Spanish, French, Russian, Chinese or Portuguese) is essential. WFP LEADERSHIP FRAMEWORK WFP Leadership Framework guides to the common standards of behavior that guide HOW we work together to accomplish our mission. Click here to access WFP Leadership Framework REASONABLE ACCOMMODATION WFP is committed to supporting individuals with disabilities by providing reasonable accommodations throughout the recruitment process. If you require a reasonable accommodation, please contact: global.inclusion@wfp.org NO FEE DISCLAIMER The United Nations does not charge any application, processing, training, interviewing, testing or other fee in connection with the application or recruitment process. Should you receive a solicitation for the payment of a fee, please disregard it. Furthermore, please note that emblems, logos, names and addresses are easily copied and reproduced. Therefore, you are advised to apply particular care when submitting personal information on the web. REMINDERS BEFORE YOU SUBMIT YOUR APPLICATION - All applications must be submitted exclusively through our online recruiting system. We do not consider CVs or applications sent by email, LinkedIn, or any other channel. - We strongly recommend that your Workday profile is accurate and complete, and that all sections are filled in, including your employment history, academic qualifications, language skills, and UN grade (if applicable). Once your profile is completed, please apply, and submit your application. - If you experience technical issues while submitting your application, you may contact us at global.hrerecruitment@wfp.org. Please note that this email is only for technical issues with an application - unsolicited applications or documents sent to this inbox will not receive a reply. - At the application stage, the only required documents are your CV and Cover Letter. Additional documents (passport, certificates, recommendation letters, etc.) may be requested later in the process. - Only shortlisted candidates will be contacted and invited to proceed to the next stage of the recruitment process. All employment decisions are made on the basis of organizational needs, job requirements, merit, and individual qualifications. WFP is committed to providing an inclusive work environment free of sexual exploitation and abuse, all forms of discrimination, any kind of harassment, sexual harassment, and abuse of authority. Therefore, all selected candidates will undergo rigorous reference and background checks. No appointment under any kind of contract will be offered to members of the UN Advisory Committee on Administrative and Budgetary Questions (ACABQ), International Civil Service Commission (ICSC), FAO Finance Committee, WFP External Auditor, WFP Audit Committee, Joint Inspection Unit (JIU) and other similar bodies within the United Nations system with oversight responsibilities over WFP, both during their service and within three years of ceasing that service.

Job Description Are You Ready to Make It Happen at Mondelēz International? Join our Mission to Lead the Future of Snacking. Make It Uniquely Yours. As an individual contributor, the successful candidate will be proficient at managing risk assessments of both third parties and internal technologies. In addition, the candidate will be performing compliance activities related to technology assurance areas around access management, vulnerability management and configuration management. Candidate will also demonstrate ability and experience in governance related activities including administrative management of risk and control registers as well as policies and standards. How you will contribute Risk Management Responsibilities - Execute risk assessment testing supporting the Risk Manager. - Document risk assessment results. - Support Risk Manager in drafting risk assessment reports. - Perform administrative management of risk register (additions/editions/deletions, etc). - Document risk acceptance/exemptions that have been approved per the program. - Manage quarterly/annual review of risk acceptance/exceptions. - Manage risk assessment results in relevant dashboards. - Document Issues and Remediation activities for all exceptions noted during risk assessments. Compliance Responsibilities - Perform quarterly compliance assurance testing. - Document compliance testing results. - Maintain Management Action Plan (MAP) catalog with due dates. - Manage monthly audit MAPs. Includes the timely communication of open MAPs an escalation as needed of risks to completing MAPs at their agreed delivery dates. - Perform administrative activities in GRC Solution for compliance related activities. - Provide administrative support for ad-hoc external audits. - Provide administrative support for internal audits. - Support compliance program reporting activities. Requirements - 3 years in Information Security field, with at least 2 years working in GRC. - Experience with GRC tools (e.g., Archer). - Knowledge of security concepts and methodologies such as risk assessments, risk & controls, policies & standards, enterprise security strategies, network, and cloud security. - Knowledge of security frameworks such as CIS and NIST. - Excellent written and verbal communications skills, including presentational skills and able to clearly communicate issues to management and other key stakeholders. No Relocation support available Business Unit Summary At Mondelēz International, our purpose is to empower people to snack right by offering the right snack, for the right moment, made the right way. That means delivering a broad range of delicious, high-quality snacks that nourish life's moments, made with sustainable ingredients and packaging that consumers can feel good about. We have a rich portfolio of strong brands globally and locally including many household names such as Oreo, belVita and LU biscuits; Cadbury Dairy Milk, Milka and Toblerone chocolate; Sour Patch Kids candy and Trident gum. We are proud to hold the top position globally in biscuits, chocolate and candy and the second top position in gum. Our 80,000 makers and bakers are located in more than 80 countries and we sell our products in over 150 countries around the world. Our people are energized for growth and critical to us living our purpose and values. We are a diverse community that can make things happen—and happen fast. Mondelēz International is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender, sexual orientation or preference, gender identity, national origin, disability status, protected veteran status, or any other characteristic protected by law. Job Type Regular Information Security Technology & Digital