Cybersecurity Technical Risk Lead
Do you have experience implementing Information Security strategy to ensure information resources are adequately protected?
The Technical Risk Lead will work on with the North America(NA) Business Information Security Officer (BISO) and virtual teams to validate adherence to information security policies. You would work along side the NA IT Engage and Build Leads, IT Global Controls leads, SP&G, Information Security Global Risk Management leads, and InfoSec Security Solutions Architects to understand and communicate technical risk and mitigation.
- Operational coordination of the sector Security Risk Management practices that identify and communicate local risks, and partners with service delivery, technology, and operations function leads to develop required risk mitigation
- Provide sector security status updates to leadership and various levels within the organization
- Act as the technical subject matter expert on all security initiatives, leverages existing global security technology and products to solve problems, and assists the global project teams with testing, deployment, and execution of new initiatives (pilots, POC’s, other) within the geographical sector
- Work with all members of the Information Security sector and global functions organization to understand the security impact of complex technical issues (i.e., vulnerability remediation, incident response, new project/program capabilities)
- Monitor sector operational metrics for accuracy and collaborate within InfoSec, D&D, and Operations to ensure security operational targets are met
- Interface with the NA BRM organization and the InfoSec Engineering Solutions Architects to deliver secure business solutions
- Leverage existing global security strategy and technology to solve problems and assists the global project teams with testing, deployment, and execution of new initiatives
- Collaborate with Integration Team Lead and Compliance Lead and performs technical risk assessments related to sector application landscape, infrastructure, data protection, and to support sector investment prioritization providing visibility to senior management
- Participate and provides guidance specific to Incident Response’s After Action Engagement Program and post incident remediation
- Exceptional coordination and communication skills, including the ability to gather relevant data and information, actively listen, dialogue freely, verbalize ideas effectively, negotiate tense situations successfully, and manage and resolve conflict
- Ability to effectively prioritize and execute tasks in a high-pressure
- Team leadership and strong organizational skills
- Excellent attention to detail
- Highly self-motivated and directed
- Ability to work in a team-oriented, collaborative environment and communicate using virtual communication tools (conferencing, online
- Ability to assess and evaluate situations
- High level of analytical and problem-solving
- Proficient computer skills including Microsoft Office
- Bachelor's or Advanced degree in IT related topics or related work experience.
- 7+ years as an Information Security Architect/Engineer
- Experience with: Security Architecture, Application Risk Analysis, Vulnerability management, Data Classification, CIS Top 20 Critical Controls
- Experience with multiple industry standard solutions across the NIST Cybersecurity Framework is required
- Must have one or more of the following certifications: CISSP, CISSP-ISSAP, CISM, or equivalent GIAC certification
Job Type: Regular
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, or disability status.
PepsiCo is an Equal Opportunity Employer: Female / Minority / Disability / Protected Veteran / Sexual Orientation / Gender Identity
For San Francisco Bay Area: Our Company will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of San Francisco Police Code Sections 4901 - 4919, commonly referred to as the San Francisco Fair Chance Ordinance.
If you'd like more information about your EEO rights as an applicant under the law, please download the available EEO is the Law & EEO is the Law Supplement documents. View PepsiCo EEO Policy
Please view our Pay Transparency Statement