|Reference # : ||18-00076
||Title : ||IT Security PM|
East Hanover, IL
|Experience Level : ||
||Start Date : ||10/04/2018
| Description |
|Needed: Project Manager - IT Security (Cyber Security, Multi-Factor Authentication (MFA) / ATP (Advanced Threat Protection) needed at Mondelez International; East Hanover New Jersey 07936|
Title: Project Manager - IT Security (Cyber Security, Multi-Factor Authentication (MFA) / ATP (Advanced Threat Protection)
Period: October 15, 2018 – March 30, 2019 (potential to extend)
Bill Rate: $45-$52/hr
Work Location: 100 Deforest Ave East Hanover New Jersey 07936
Project Name: Multi-Factor Authentication & o365 Conditional Access
PM Experience: 8+ years delivering IT Security projects, exposure to Cyber Security, Multi-Factor Authentication (MFA) or ATP (Advanced Threat Protection) a bonus. Must be able to work in high pressure environment, good communication skills and ability to project lead autonomously.
PM will be 50% allocated to each project. This is based on MDLZ resource capacity which will only be able to also support these projects at 50% Many of the internal MDLZ projects resources are shared across both projects.
Project 1: Two factor authentication
Two factor authentication helps protect against weak password usage and password attacks. A number of high profile data leaks and compromises are due to weak password measures. Two Factor authentication can help prevent attacks based on weak password measures and is increasingly necessary for externally available (via the internet) critical applications.
• Enable Azure MFA (One Time Passwords) for all Azure administrators (circa 200 users) – note this is a stronger mechanism than 2 step verification
• Deployed to Azure Admin mobile device (OTP app)
• Implement processes to cover :-
- Loss of mobile device
- emergency access for key personnel
- removal of service on user leaving or moving in the organization or 3rd party
• Identify at risk applications (sensitive/critical)/externally accessible)
• Identify user base of at risk applications and deploy MFA – 2 step verification (via mobile device) with appropriate training.
• Implement emergency access process that meets security requirements whilst enabling critical business processes to continue
• Apply Azure and O365 Conditional Access criteria
Project 2: Global Advanced Threat Protection for Email
Project Overview: Email still remains the number one threat vector for Malware and Ransomware infections in major originations. Additionally, email threats such as phishing are increasing in volume and can lead to substantial data and financial loss. Email ATP will provide a substantial rise in Mondelez robustness to these type of attacks.
• Deployment of Email ATP service – a service which provides additional email security capability of the Mondelez private network (in the cloud) whilst fully integrated in to our O365 tenant.
• Service initially targeted at MBS user space covering the high risk areas e.g. HR, Finance and senior exec team and their PA's (anyone who has access to the exec mailbox especially those with "send As” permissions) etc.
• Tool already in use for 500 (Circa) users in Mondelez (O365 Email ATP). Identify statistics and reporting from current deployment to make assessment on requirements coverage.
• Deploy agreed solution to MBS space then further expansion to the Mondelez user base.
• Provide training to end users on how the tool works. Additionally, build into service desk processes how users can release any false positives