Security Integration Lead

Job Description

Auto req ID: 198147BR

Job Description

Imagine when YOUR “Creative Solutions” MEETS OUR Thirst for Innovation

At PepsiCo, it takes a global team to solve some of the most complex problems. And our InfoSec group is no exception! From Plano to Poland - we have a collaborative team comprised of two structures, a Center of Excellence, and a Consultancy, that are consistently innovating and supporting one another across borders. Influencing and driving our security agenda is no small task, and recognize the everyday contributions our talented security professionals make.

The Security Integration Lead is responsible for information security risk and management processes within Frito-Lay, Quaker Foods NA, PepsiCo Foods Canada, Global eCommerce and Global Go-To-Market including but not limited to security risk and exception analysis, information security work intake processes, support for cybersecurity awareness initiatives, collaboration on development of remediation plans, and data protection activities. The role also ensures security incident management and processes are given appropriate focus, assist with escalations and are handled expeditiously as per defined SLAs.

Responsibilities:

  • The Security Integration Lead is the primary contact within their sector for security work intake
  • Assist Attack Surface Management and Global Digital Connections teams when working with third parties locally on website/mobile security remediation
  • Escalate and report on security gaps/opportunities within the region to Sector BISO. Engage with key stakeholders to ensure that processes and initiatives operate within the documented security org framework, monitor security policy/standards compliance, and Information Security strategy is understood and communicated
  • Identify Stakeholder resistance and barriers and tighten the cohesion between business and Information Security
  • Support and track sector-based security exception process and remediation
  • Onboard to and provide training on Information Security Services Requests (ISSR)
  • Partner with Manufacturing OT and IT teams for Information Security engagement activities and partner awareness
  • Develop content and present on Information Security programs, initiatives, awareness and risk in consultation with SMEs and functional capability owners
  • Engage BRM and Project owners throughout the project lifecycle as a trusted advisor for ISSR service delivery and process management
  • Assist on the delivery of Cyber Security program initiatives within the regions through Information Security PMO and Compliance Lead alignment to manage sector security initiatives
  • Support of vulnerability remediation plan development and owner identification
  • Act as a trusted advisor throughout exception risk management from exception initiation, stakeholder identification, mitigating controls, remediation plan recommendations, and sign-off activities
  • Responsible for educating business functions on Information Security services and processes
  • Perform local security awareness initiatives such as clean desk exercise to reinforce and promote security standards compliance
  • Supports IR in driving awareness and remediation of security compliance-related incidents locally to include engagement of appropriate stakeholders
  • Support Data Protection Evaluation and Recertification program through BRM engagement and coordination of activities
  • Provide feedback on security requirements during planning cycles
  • Assist Security Assurance and project teams in security requirements' funding estimates for CAPEX/Projects
  • Collaborate with and support the Third-Party Security Risk Management team on assessments, issues, escalations and remediation

Qualifications/Requirements

  • Bachelor’s degree or equivalent experience
Experience:
  • 6 – 8 years of related IT Security business work experience.
  • CISM, CISSP certifications preferred
  • Knowledge of Project Management methodologies preferred
  • Written/spoken English proficiency required
Skills:
  • Strong interpersonal and oral communication skills
  • Highly self-motivated and directed
  • Ability to effectively prioritize and execute tasks in a high-pressure environment
  • Experience working in a team-oriented, collaborative environment
  • High level of analytical and problem-solving abilities
  • Strong understanding of both IT and Information Security goals and objectives
  • Ability to translate highly technical information into plain language
  • Willing "can do" attitude
  • Ability to manage multiple priorities and work across multiple organizations and teams

Relocation Eligible: Not Applicable
Job Type: Regular


All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, or disability status.

PepsiCo is an Equal Opportunity Employer: Female / Minority / Disability / Protected Veteran / Sexual Orientation / Gender Identity

Our Company will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of the Fair Credit Reporting Act, and all other applicable laws, including but not limited to, San Francisco Police Code Sections 4901 - 4919, commonly referred to as the San Francisco Fair Chance Ordinance; and Chapter XVII, Article 9 of the Los Angeles Municipal Code, commonly referred to as the Fair Chance Initiative for Hiring Ordinance.

If you'd like more information about your EEO rights as an applicant under the law, please download the available EEO is the Law & EEO is the Law Supplement documents. View PepsiCo EEO Policy

Please view our Pay Transparency Statement