PepsiCo Careers

Controls Senior Analyst

Plano, Texas

United States - English

Job Description

Auto req ID: 139387BR
External Posting Title: Controls Senior Analyst

Job Description

PepsiCo Information Security is seeking a self-motivated, Controls Senior Analyst, who will be responsible for assisting with the implementation and continued advancement of the integrated Information Security controls framework. In addition, this role is responsible for the development, sustainment, and testing of Information Security Sarbanes-Oxley (SOX) and operational controls in alignment with the PepsiCo IT Controls framework and PepsiCo risk appetite. This person will apply a broad knowledge of IT and cyber security audit principles, practices, and procedures to complete assignments as well as prepare well documented workpapers and effectively communicate findings and make recommendations.

The position is:

  • Responsible for assisting with the implementation and sustainment, and continued advancement of the enhanced Information Security controls framework and associated processes
  • Responsible for contributing to the continued advancement of the Information Security controls framework in alignment with the risk appetite and business requirements
  • Responsible for determining areas of risk and evaluates the controls environment relative to other existing standards/regulatory requirements
  • Responsible for providing planning, execution, and completion of controls testing activities for Information Security SOX and operational controls
  • Responsible for documenting test steps, methodology, work performed and summarized test results and ensuring that all processes are reviewed and updated periodically
  • Responsible for performing periodic testing of controls and compiles results
  • Responsible for identifying internal control gaps in information security procedures, processes or systems, and initiates appropriate remedial action
  • Responsible for effectively maintaining strong working relationships with individuals and groups involved in managing information risks across the organization
  • Responsible for collaborating with various stakeholders across the organization in managing the lifecycle of a control including new controls, modification to existing controls, or retirement of existing controls



  • Bachelor's degree in Accounting, Finance, Information Systems, or Audit is preferred

  • 4+ years of professional experience in IT or Information Security controls
  • 3+ years of experience with regulatory compliance, including information security management frameworks (e.g., SOX, NIST CSF, ISO2700x, COBIT, PCI, SANS Top 20 Critical Security Controls)
  • Proven experience designing, documenting, implementing and testing IT controls
  • Proven experience conducting risk assessments and mapping relevant controls
  • Strong knowledge of the Information Security domain preferred
  • Strong computer skills including, but not limited to, proven efficiencies with Microsoft Office
  • Understands effective control or mitigation options to manage specific risks; maintains composure when discussing control deficiencies or findings with customers
  • Must possess excellent oral and written communication skills.
An ideal candidate is:
  • Able to understand information security risks and assess mitigation strategies to confirm alignment with risk appetite
  • Able to build trust and effectively communicate risk assessment findings to risk point-of-contacts within the Information Security organization
  • Able to effectively facilitate risk identification/analysis discussions
  • Able to identify and assesses the severity and potential impact of risks and threats to the business, including aggregation and escalation as needed
  • Able to present effectively using several reporting and presentation tools such as Microsoft PowerPoint and RSA Archer

Relocation Eligible: Not Eligible for Relocation
Job Category: IT
Job Type: Regular

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, or disability status.

PepsiCo is an Equal Opportunity Employer: Female / Minority / Disability / Protected Veteran / Sexual Orientation / Gender Identity

If you'd like more information about your EEO rights as an applicant under the law, please download the available EEO is the Law & EEO is the Law Supplement documents. View PepsiCo EEO Policy

Please view our Pay Transparency Statement