*overview*
at pepsico, we're redefining what it means to be a consumer products company with a digital-first mindset, and our global it team is leading that charge.
our technology teams unlock digital capabilities, enhance cybersecurity safeguards, deliver data-driven insights, and create unmatched consumer and customer experiences.
our culture is guided by the pepsico way, which is a set of values that define our mission to win with purpose in the marketplace and act with integrity in everything we do.
we're creating smiles with every sip and every bite while advancing a sustainable, socially impactful agenda that promotes our goal of winning with purpose.
the global it team supports just that with our mission to create more smiles with every click and every like.
join our global, agile team and help us influence and drive pepsico's digital transformation!
*responsibilities*
*what will you be doing?
*
the information security assessment lead is responsible for safeguarding pepsico's digital assets by assessing the compliance of new and changing systems against information security requirements and managing risks associated with it and information security systems throughout the project lifecycle.
the lead will collaborate with various security teams to facilitate compliance with information security standards, providing technical guidance for key strategic initiatives, and driving the secure delivery of technology solutions within pepsico.
*qualifications*
*key responsibilities*:
- review it and information security systems throughout the project lifecycle, identifying risks and security requirements.
- collaborate with various it/business teams to ensure they are knowledgeable of information security processes and requirements.
- assess security designs and align them with industry standards, such as nist 800-53, iso 27002, cis, and owasp.
- manage the operational metrics related to the isa and grc processes.
- monitor and report on key metrics, track project progress, and develop corrective action plans as needed.
- identify, quantify, and communicate technology risks impacting the business, recommending resolutions and identifying root causes.
- govern the information security services initiated from the isa, including tracking of process metrics, identifying issues in the completion of the processes, and escalating the issues to resolution.
- drive process improvement initiatives across the information security services to improve the customer experience, efficiency, and effectiveness of the processes.
- leverage expert knowledge in threat modeling techniques and methodologies to proactively identify, assess, and prioritize security risks, enabling the organization to implement targeted mitigation strategies and maintain a robust information security posture.
*years of experience*:
- a minimum of 5 years of experience in information security, it risk management, or a similar role.
*mandatory technical skills*:
- in-depth technical experience and knowledge of infrastructure technologies, network, web, computing, cloud services, manufacturing equipment, mobile devices, and information (cyber) security.
- strong understanding of information security frameworks, regulations, and standards, such as nist 800-53, cis, and iso 27002.
- proficient in servicenow irm, microsoft excel, word, and powerpoint skills to develop ad hoc reports to manage the reports and the metrics.
*mandatory non-technical skills*:
- bachelor's degree in information security, computer science, or a related field; advanced degree preferred.
- excellent communication, interpersonal, and relationship-building skills.
- ability to work effectively in a fast-paced, dynamic environment and adapt to both waterfall and agile methodologies.
*preferred competencies*:
- relevant certifications (cissp, cism, crisc, cisa, or similar) are a plus.
- strong presence to represent pepsico information security in complex situations with business and it partners.
- azure, aws
- ability to quickly learn legal, information security, and privacy requirements in different regions of the world.
- excellent prioritization capabilities, with an aptitude for breaking down complex work into manageable parts, effectively assessing the priority and time required to complete each part.
- strong problem-solving and analytical capabilities.
- ability to collaborate with various stakeholders, including business units and product managers.
*what can you expect from us?
*
- competitive compensation package
- a flexible work environment that promotes a healthy balance between personal and professional life
- a dynamic and inclusive culture
- a supportive team that will foster your professional growth and development
- opportunity to work with relevant projects worldwide
- opportunity to give back to the community with our volunteer programs