The IT Compliance Manager will lead IT compliance initiatives, manage SOX compliance audits, and handle EU NIS2 Directive requirements while overseeing risk management activities and governance processes.
Job Description
Are You Ready to Make It Happen at Mondelēz International?
Join our Mission to Lead the Future of Snacking. Make It Uniquely Yours.
Reporting to the Global IT Compliance Lead, as an IT Compliance Manager, the successful candidate will be proficient at managing risk-based IT compliance initiatives across Mondelez. The role is key in the successful delivery of the annual Sarbanes-Oxley information technology compliance program and the operationalization of EU NIS2 Directive requirements for all in-scope applications and supported technologies. In addition, the candidate will be performing compliance activities related to technology assurance areas around access management, vulnerability management, and configuration management, among others. Candidate will also demonstrate ability and experience in governance related activities including administrative management of risk and control registers as well as policies and standards.
How you will contribute
Assurance Program Responsibilities
Requirements:
More about this role
Travel requirements:
25%
No Relocation support available
Business Unit Summary
At Mondelēz International, our purpose is to empower people to snack right by offering the right snack, for the right moment, made the right way. That means delivering a broad range of delicious, high-quality snacks that nourish life's moments, made with sustainable ingredients and packaging that consumers can feel good about.
We have a rich portfolio of strong brands globally and locally including many household names such as Oreo, belVita and LU biscuits; Cadbury Dairy Milk, Milka and Toblerone chocolate; Sour Patch Kids candy and Trident gum. We are proud to hold the top position globally in biscuits, chocolate and candy and the second top position in gum.
Our 80,000 makers and bakers are located in more than 80 countries and we sell our products in over 150 countries around the world. Our people are energized for growth and critical to us living our purpose and values. We are a diverse community that can make things happen-and happen fast.
Mondelēz International is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender, sexual orientation or preference, gender identity, national origin, disability status, protected veteran status, or any other characteristic protected by law.
Job Type
Regular
Information Security
Technology & Digital
Are You Ready to Make It Happen at Mondelēz International?
Join our Mission to Lead the Future of Snacking. Make It Uniquely Yours.
Reporting to the Global IT Compliance Lead, as an IT Compliance Manager, the successful candidate will be proficient at managing risk-based IT compliance initiatives across Mondelez. The role is key in the successful delivery of the annual Sarbanes-Oxley information technology compliance program and the operationalization of EU NIS2 Directive requirements for all in-scope applications and supported technologies. In addition, the candidate will be performing compliance activities related to technology assurance areas around access management, vulnerability management, and configuration management, among others. Candidate will also demonstrate ability and experience in governance related activities including administrative management of risk and control registers as well as policies and standards.
How you will contribute
Assurance Program Responsibilities
- Conduct assurance activities related to the annual SOX Compliance audit with a specific focus of IT General Controls and Vendor SOX Compliance.
- Lead compliance activities for the NIS2 Directive, including performing initial and recurring gap assessments, remediation tracking, and supply chain security alignment.
- Perform quarterly compliance assurance testing and maintain audit-ready evidence documentation.
- Document compliance testing evidence and results providing audit ready assurances.
- Maintain Management Action Plan (MAP) catalog with due dates.
- Manage monthly audit Management Action Plans (MAPs). Includes the timely communication of open MAPs an escalation as needed of risks to completing MAPs at their agreed delivery dates.
- Perform administrative activities in GRC Solution for compliance related activities.
- Manage ad-hoc external IT audits.
- Support GRC Lead for CTO/CISO focused internal audits.
- Manage compliance program reporting activities.
Requirements:
- 7 years in one or more of the following fields: Information Security, SOX Compliance, Internal Controls, Internal Audit or GRC,
- 3 years leading/managing internal and external audits (i.e., Sarbanes-Oxley SOX) for a public US company.
- Direct experience with EU cybersecurity regulations, specifically the NIS2 Directive.
- Experience with GRC tools (e.g., Archer).
- ISACA CISA and/or CISM Certifications (significant plus)
- Knowledge of security concepts and methodologies such as risk assessments, risk & controls, policies & standards, enterprise security strategies, network, and cloud security.
- Working knowledge of security and compliance frameworks such as CIS, NIST and ISO
- Excellent written and verbal communications skills, including presentational skills and able to clearly communicate issues to management and other key stakeholders.
More about this role
Travel requirements:
25%
No Relocation support available
Business Unit Summary
At Mondelēz International, our purpose is to empower people to snack right by offering the right snack, for the right moment, made the right way. That means delivering a broad range of delicious, high-quality snacks that nourish life's moments, made with sustainable ingredients and packaging that consumers can feel good about.
We have a rich portfolio of strong brands globally and locally including many household names such as Oreo, belVita and LU biscuits; Cadbury Dairy Milk, Milka and Toblerone chocolate; Sour Patch Kids candy and Trident gum. We are proud to hold the top position globally in biscuits, chocolate and candy and the second top position in gum.
Our 80,000 makers and bakers are located in more than 80 countries and we sell our products in over 150 countries around the world. Our people are energized for growth and critical to us living our purpose and values. We are a diverse community that can make things happen-and happen fast.
Mondelēz International is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender, sexual orientation or preference, gender identity, national origin, disability status, protected veteran status, or any other characteristic protected by law.
Job Type
Regular
Information Security
Technology & Digital
Mondelēz International East Hanover, New Jersey, USA Office
Our East Hanover office in New Jersey is our North America headquarters and provides corporate and regional functional support. Opportunities at these offices could cover any of the following areas: Communications; Finance; Human Resources; Information Technology Solutions; Legal and many more
Similar Jobs at Mondelēz International
Big Data • Food • Hardware • Machine Learning • Retail • Automation • Manufacturing
Manage financial integrity and performance of Opco Overheads plan, support business proposals, ensure compliance, and provide financial insights for strategic decisions.
Top Skills:
Cost ManagementData AnalysisFinancial ModelingFinancial PlanningFinancial ReportingPerformance Management
4 Days Ago
Big Data • Food • Hardware • Machine Learning • Retail • Automation • Manufacturing
Responsible for leading financial integrity and performance, supporting business proposals, managing finance planning, and driving strategic initiatives within the Confectionery category.
Top Skills:
Data AnalysisFinancial ModelingFinancial PlanningFinancial ReportingPerformance Management
4 Days Ago
Big Data • Food • Hardware • Machine Learning • Retail • Automation • Manufacturing
The role involves assessing information security risks, managing compliance, implementing cybersecurity measures, and providing training to teams on security protocols.
Top Skills:
And ProceduresCyber Security TechnologyInformation SecurityPoliciesSecurity Standards
What you need to know about the NYC Tech Scene
As the undisputed financial capital of the world, New York City is an epicenter of startup funding activity. The city has a thriving fintech scene and is a major player in verticals ranging from AI to biotech, cybersecurity and digital media. It also has universities like NYU, Columbia and Cornell Tech attracting students and researchers from across the globe, providing the ecosystem with a constant influx of world-class talent. And its East Coast location and three international airports make it a perfect spot for European companies establishing a foothold in the United States.
Key Facts About NYC Tech
- Number of Tech Workers: 549,200; 6% of overall workforce (2024 CompTIA survey)
- Major Tech Employers: Capgemini, Bloomberg, IBM, Spotify
- Key Industries: Artificial intelligence, Fintech
- Funding Landscape: $25.5 billion in venture capital funding in 2024 (Pitchbook)
- Notable Investors: Greycroft, Thrive Capital, Union Square Ventures, FirstMark Capital, Tiger Global Management, Tribeca Venture Partners, Insight Partners, Two Sigma Ventures
- Research Centers and Universities: Columbia University, New York University, Fordham University, CUNY, AI Now Institute, Flatiron Institute, C.N. Yang Institute for Theoretical Physics, NASA Space Radiation Laboratory
