Data Protection Evaluation - Information Security Assurance
The Information Assurance Data Protection Evaluation role will conduct Data Protection Evaluations (DPE) and reassessments to classify application data and assess application compliance with Information Security Standards.
The role will work with global teams to identify application scope, develop and maintain assessment timelines, and support teams in data classification efforts. Additionally, they will assess application compliance with the Information Security Standards. The role will support the application teams to ensure completion and provide direction for remediation.
If you have a blend of functional, business and technical skills, with an understanding of Data Classification and IT application technology concepts to assess and validate security standards, you will enjoy this role.
If you are a self-starter who demonstrates leadership skills and takes initiative, you will be successful in this role. Additional skill sets needed are strong communication skills and the ability to interact effectively with direct managers, staff and vendors in both technical and business roles.
Following are key role expectations:
- Drive information security practices and processes
- Conduct Data Protection Evaluations for global applications
- Assess Application compliance with Information Security Standards
- Assist with the development, rollout and management of recurring application Data Protection reassessments to maintain current results.
- Become an SME for the Data Classification Security standard and how it relates to project technologies, and provide guidance and direction on application data classification.
- Present updates to various stakeholders and levels throughout the organization
- Partner with BISO teams to identify and escalate where exceptions are required
- Create and maintain reports and provide regular metrics
- Bachelor's degree in IT, Computer Information Systems, Computer Science or equivalent work experience
- 3 years of experience in Data Protection Evaluations
- 5 years of experience working in a global environment in the Risk and Compliance area
- Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC), Certified in the Governance of Enterprise IT (CGEIT).
- Project Management experience
- Knowledge of data governance best practices, business and technology issues related to management of enterprise information assets, and approaches related to data protection
- Understanding of data related government regulatory requirements, such as GDPR, including emerging trends and issues
Job Type: Regular
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, or disability status.
PepsiCo is an Equal Opportunity Employer: Female / Minority / Disability / Protected Veteran / Sexual Orientation / Gender Identity
For San Francisco Bay Area: Our Company will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of San Francisco Police Code Sections 4901 - 4919, commonly referred to as the San Francisco Fair Chance Ordinance.
If you'd like more information about your EEO rights as an applicant under the law, please download the available EEO is the Law & EEO is the Law Supplement documents.