Security Technical Risk Lead

Job Description

Auto req ID: 176150BR

Job Description

Imagine when YOUR “Creative Solutions” MEETS OUR Thirst for Innovation

At PepsiCo it takes a global team to solve some of the most complex problems. And our InfoSec group is no exception! From Plano to Poland - we have a collaborative team comprised of two structures, a Center of Excellence, and a Consultancy, that are consistently innovating and supporting one another across borders. Influencing and driving our security agenda is no small task, and recognize the everyday contributions our talented security professionals make.

The Security Technical Risk Lead is responsible for information security risk and technical security analysis within Frito-Lay, Quaker Foods NA, PepsiCo Foods Canada, eCommerce and Global Go-To-Market.

Responsibilities:

  • As the Security Technical Risk Lead you will be primary technical security contact within their region for security risk analysis, gap identification, and mitigation/remediation activities
  • Escalate and provide appropriate, informed recommendations on security gaps/opportunities within the region to Sector BISO
  • Engage with key stakeholders to ensure that processes and initiatives operate within the documented security org framework, monitor security policy/standards compliance, and Information Security strategy is understood and communicated
  • Identify Stakeholder resistance and barriers and tighten the cohesion between business and Information Securit
  • Acts as the technical subject matter expert on all security initiatives, leverages existing global security technology and products to solve problems, and assists the global project teams with testing, deployment, and execution of new initiatives (e.g. pilots, POC’s, other) within the sectorWorks with all members of the Information Security sector and global functions organization to understand the security impact of complex technical issues (i.e., vulnerability remediation, incident response, new project/program capabilities)
  • Analysis and research into sector security operational metrics to understand causality and differentiating factors in consultation with InfoSec, SDM’s, and Operations to drive strategy and approach to the prioritization and mitigation of risk
  • Develop and implement strategies for engaging business functions on information security technical matters and gain buy-in
  • Interface with the BRM organization and the InfoSec Engineering Solutions Architects to deliver secure business solutions
  • Support model design and drafting of documentation/runbooks for new security services in collaboration with (for example) Security Solutions, Engineering and Architecture teams
  • Support of vulnerability mitigation and remediation plan development
  • Participate in educating business functions on Information Security services and processes
  • Participate and provide guidance specific to Incident After Action Engagement Program and post incident activities
  • Provide feedback on security requirements during planning cycles
  • Assist Attack Surface Management and Global Digital Connections teams when working with third parties locally on website/mobile security remediation
  • Collaborate with and support OT and Third Party Security Risk Management teams on assessments, issues, and remediation

Qualifications/Requirements

Education:

  • Bachelor’s degree required
Experience:
  • 5+ years as IT Security Architect/Engineer or similar experience
  • Experience with security architecture, application risk analysis, vulnerability management, data classification, CIS Top 20 Critical Controls
  • CISM, CISSP, GIAC certifications preferred
  • Well versed in NIST Cybersecurity Framework
  • Written/spoken English proficiency required

Skills:
  • Strong interpersonal and oral communication skills
  • High level of analytical and problem-solving abilities
  • Strong understanding of both IT and Information Security goals and objectives
  • Highly self-motivated and directed
  • Experience working in a team-oriented, collaborative environment
  • Willing "can do" attitude
  • Ability to manage multiple priorities and work across multiple organizations and teams

Relocation Eligible: Eligible for Limited Relocation
Job Type: Regular


All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, or disability status.

PepsiCo is an Equal Opportunity Employer: Female / Minority / Disability / Protected Veteran / Sexual Orientation / Gender Identity

For San Francisco Bay Area: Our Company will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of San Francisco Police Code Sections 4901 - 4919, commonly referred to as the San Francisco Fair Chance Ordinance.

If you'd like more information about your EEO rights as an applicant under the law, please download the available EEO is the Law & EEO is the Law Supplement documents. View PepsiCo EEO Policy

Please view our Pay Transparency Statement