Mondelez International Director, Security Risk Management Lead in East Hanover, New Jersey
Are You Ready to Make It Happen at Mondelēz International?
Join our Mission to Lead the Future of Snacking. Make It Uniquely Yours.
You work with the information security team as a competent and experienced information security and compliance leader.
How you will contribute
You will assess information security risks in line with internal policies and external best practices and determine the requirements for securing Mondelēz International information and IT assets. In addition, you will develop security standards and policies; advise technical teams when they develop relevant procedures or have operational security questions; and review and consult with them on the compliant and effective use of common tools. You will also keep business stakeholders apprised of the overall security and compliance roadmap, provide training on information security to appropriate teams, and develop security strategies, architectures and roadmaps across processes and technologies.
What you will bring
Oversee development and maintenance of the Line of Business security risk portfolio to feed investment decisions, mitigation plans, and enterprise risk management
Facilitate and manage risk assessments and workshops to identify and catalog risk across BUs
Engage and partner with executives across lines of business/BUs
Guide and support on building a third party information security risk management framework
Oversee a mechanism in which the security risk managers partner with the business to ensure a proactive and anticipatory approach to third party management.
Provide strategic leadership and assist in the development of multi-year organizational plans in line with company strategy
Support project managers in third party risk management to ensure policies are incorporated correctly and the 3rd party risk management frameworks are preserved
Oversee development of security strategy for each policy focus area
Manage facilitation and tracking of compliance activities and management action plans
Oversee collection and tracking of high level roll up data from compliance assessments and findings from Control Assessors
Oversee development and maintenance of centralized role catalogue
Align organizational goals to strategic company goals and objectives. Translate goals into meaningful, measurable, and actionable strategy for department.
Communicate department objectives and organizational activities to executive management
More about this role
What you need to know about this position:
What extra ingredients you will bring:
Working knowledge of Risk Management and/or Audit programs with demonstrated understanding of IT and Information Security frameworks (e.g. NIST CSF, ISO 27001, COBIT)
Understanding and technical knowledge of key risk management concepts, including but not limited to, security risk management, information security consulting, third party management, software security, and security architecture.
Demonstrable strong management skills, the ability to develop, mentor and coach others.
Strong written and oral executive communication, including up to the C-level.
Experience in working in large or federated enterprises, preferably in the Consumer Products and FMCG industries.
Ability to describe cyber risk from an operating perspective to provide consulting guidance and build relationships.
Strong technical understanding of SOX and the processes/steps taken to automate them.
Ability to design and evaluate processes to build security mindset and review processes for ongoing improvement to mitigate risks.
Strong understanding of risk, compliance and ability to define and operationalize cybersecurity processes.
Ability to delegate work to team members and provide clear and effective guidance on implementation of processes.
Experience in the implementation and/or management of Risk and Compliance (GRC) technologies and supporting processes.
Professional certifications are a plus:
Certified Information Systems Manager (CISM)
Certified Information Systems Security Professional (CISSP)
Certified in Risk and Information Systems Control (CRISC)
Certified in the Governance of Enterprise IT (CGEIT)
Certified Information Systems Auditor (CISA)
Certified Protection Professional (CPP)
Bachelor's Degree Required
For office-based, salaried roles at Bakery and Customer Service & Logistics locations, and some remote roles, proof of COVID-19 vaccination is required to be eligible for employment. Religious, medical and/or other accommodations as required by law will be considered on a case-by-case basis. You may review the Mondelēz COVID vaccination policy by visiting the US careers website at https://www.mondelezinternational.com/United-States. This COVID-19 vaccine mandate does not apply to several U.S. states that do not permit certain vaccination mandates, including, but not limited to, Alabama, Arizona, Arkansas, Florida, Indiana, Montana, North Dakota, Tennessee, Texas, Utah, and West Virginia.
Mondelez Global LLC is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, protected Veteran status, sexual orientation, gender identity, gender expression, genetic information, or any other characteristic protected by law. Applicants who require accommodation to participate in the job application process may contact 847-943-5460 for assistance.