Associate Director, Infrastructure Security Architecture

Job Description

Auto req ID: 184529BR

Job Description

Bring your passion and talent to our stage and share our PepsiCo vision to be the Global Leader in Convenient Foods and Beverages by Winning with Purpose. “Winning with Purpose” reflects our ambition to win sustainably in the marketplace and embed purpose into all aspects of the business

PepsiCo IT exists to shape, create and deliver technology capabilities to accelerate PepsiCo’s growth. Our vision is to power PepsiCo with the best talent and technology in the world. To achieve this vision, our team spans a wide range of IT capabilities. We partner with every PepsiCo business function – consumer insights, marketing & innovation, sales & eCommerce, supply chain & operations, and all back-office functions – to increase business value through new technology and digital solutions.

India will be a global IT Technology Hub for PepsiCo. The global IT Technology Hub in India will play a significant role in the delivery of IT services across all five of our global capability teams:

  • Chief Technology Office (CTO)
  • Global IT Operations
  • Global Information Security
  • Global Development & Delivery
  • Strategy, Planning & Transformation
PepsiCo CTO’s mission is to drive the technology strategy and deliver innovative solutions using leading edge, state-of-the-art digital platforms and modern infrastructure to transform the way PepsiCo makes its products, moves the products across many geographies, and sells them in diversified markets. We push the boundaries of what is possible by leveraging some of the emerging technologies. PepsiCo CTO team is considered as the internal trusted advisor to the business teams globally. Leaders in this organization have rich consulting, management and technology delivery experience, who are also great mentors for many employees.

The CTO team brings the entrepreneurial spirit and speed of a startup company to innovate and solve real business challenges that are diverse, complex, and unique due to the global nature of PepsiCo’s business. These high-value innovations are delivered through internal teams as well as a partner eco-system of start-ups, academic institutions as well as large technology firms. CTO team members work with incubators and curated startup companies on a regular basis.

The CTO team delivers solutions leveraging leading-edge technologies in the areas of a) Big Data & advanced analytics using Teradata, HANA Enterprise, Hadoop, and Microsoft Azure Analytics, b) Artificial Intelligence (AI) using Machine Learning, Deep Learning, computer vision technologies for video, image, text, and voice analytics using programming languages such as R, python, Tensorflow, and GPU hardware for compute intensive applications, c) Internet of Things platforms (Cloud and Edge computing), d) Intelligent automation using RPA (UIPath), e) Augmented Reality using Apple ARkit and Android ARCore, f) Wearable devices & applications for hands free factory and warehouse operations, g) Blockchain for food safety and supply chain visibility, h) modern mobile application platforms, and i) modern infrastructure using hybrid multi-cloud environments and state-of-the-art collaboration and communication platforms. The CTO team also leverages agile development tools and processes (DevOps, Continuous Integration Continuous Delivery pipelines, etc.).

If solving sticky business problems using technology is your passion, PepsiCo CTO team provides unique opportunities to individuals like you. We invite you to take a look at the opportunities available to come and join our team.

We are seeking an Sr. Security Architect and his role will be global in nature and architecture guidance will be critical to PepsiCo Global Transformation initiatives and will be focused on infrastructure initiatives such as Unified Communication and Collaboration, End User Computing, Cloud Migration and Network’s Security Architect will be a member of the Global Infrastructure Architecture and Engineering team will lead and set architecture strategy around security of enterprise infrastructure in close partnership with the Global Information Security and Global Infrastructure organizations.
This role will work closely with the sector delivery leads, infrastructure engineers and SMEs, and IT engineers and architects. The recipient should demonstrate experience across key infrastructure domains including Network, Cloud, IT Service Management, Unified Communication, Collaboration and Security.


Functional Responsibilities:

  • Ability to build and maintain constructive working relationships with a diverse community (in and outside of technology); ability to effectively communicate (both written and verbal) with and influence both technical and non-technical audiences.
  • Providing architectural and technical guidance to support information system and infrastructure design, improvements, and planning.
  • Assessing current and planned information systems, identifying security architecture issues, and designing solutions for gaps.
  • Review, assess, and mitigate penetration tests and vulnerability assessments on information systems and infrastructure.
  • Participating in infrastructure projects to develop, plan, and implement specifications for network and distributed system security technologies in support of key information systems.
  • Preparing and presenting information on infrastructure plans, progress, and resolution of security gaps to leadership.
  • Security policy development
  • Participating in risk assessments and security audits to include assessment of vulnerabilities, threats, and likelihood.

Key Competencies Required:
  • Recognized as a subject matter expert within areas of expertise, and/or is certified in one or more technology areas. Capable of diagnosing and evaluating complex issues. Work is performed with minimal direction and reviewed by senior management. Provides solutions to a diverse range of complex problems.
  • Ensure the features, benefits, and architectural impact of technology are understood and valued
  • Assist in developing the business cases for architectural solutions
  • Position the appropriate IT services for customers to consider when deploying a technology solution
  • Lead technical discussions, driving clarity of complex issues/requirements to build robust solutions
  • Develop advanced understanding of technological capabilities
  • Effectively highlight IT technological advantages and disadvantages from the customer’s perspective
  • Identify technical win strategies from a business and technology perspective
Key Qualifications/Requirements:
  • The ideal candidate should have 8-10 years of experience with the following:
  • Identity and Access Management (e.g., LDAP, Sun Access Manager, MS Active Directory, Sun Identity Manager, Tivoli Access Manager, and Unix Account Centralization tools such as Power Broker and other PAM-based tools)
  • Remote Access Authorization and Authentication (RADIUS, SecurID, IPSEC and SSL VPN)
  • Content security (Cisco/Ironport ESA/WSA/Cloud/OpenDNS/Umbrella) security testing
  • Excellent understanding of VPN (site-to-site, remote access client, IPSec, IKE, tunnel modes, SSL/clientless/AnyConnect, tunnels between firewalls, routers)
  • Operating System Security Configurations (Windows, Unix (HPUX and AIX), and Linux)
  • Operating System and Application Vulnerability and Patch Analsysis Vulnerability Scanning and Penetration Testing Tools (Tripwire, Foundstone, etc)
  • Web Proxies and URL/Content Filtering (e.g., products from WebWasher, and the ICAP protocols)
  • Secure File Transfers (e.g., Sterling, Forum Systems, Ipswitch, sftp, ftps, https, and ftp with PGP)
  • Wireless Security (e.g., 802.1x, Cisco and Aruba Wireless)
  • Encryption and Key Management (whole disk, file-level, network, database, PGP, MS Certificate Services, and backup tapes)
  • Incident Response and Forensic Analysis Support
  • Application and Web Layer Security (e.g., Web 2.0, SOAP, SOA, Secure Messaging)
  • Code Security Analysis (manual and leveraging automated scanning tools)
  • Risk Assessments, methodologies, and compensating controls
  • Endpoint Protection (e.g., Anti-Virus, Personal Firewall, and Application Executable Control from vendors such as Symantec and McAfee
  • SSL Server Certificates (i.e., VeriSign)
  • Firewalls, Routers, and Load-Balancers
  • Data Loss Prevention (for databases/storage, the network, and endpoints e.g. Symantec Vontu)
  • Bachelors Degree required. Master’s in Information Security (or related field) is a plus.

Relocation Eligible: Not Eligible for Relocation
Job Type: Regular