1+ months

Sr. Analyst, Information Security

Plano, TX 75074
Auto req ID: 272997BR Job Description Our Information Security Group at PepsiCo is looking for information/ cyber security professionals to join our very exciting journey to manage information/ cyber security risks for PepsiCo as we engage thousands of third parties around the world. The Third-Party Information/ Cyber Security Compliance Senior Analyst will be responsible for assessing information (cyber) security to determine functional and technical risks to PepsiCos assets related to the access, use, processing, storage and transmission of information to and from those third parties that impact PepsiCo globally. Accountabilities: The key responsibilities of the role are as follows: Assess the information (cyber) security inherent risk of all TPSRM assessment requests to prioritize and determine the third-party engagements that require further detailed assessments to identify functional and technical risks related to the use, processing, storage, and transmission of information to and from those third parties that impact PepsiCo globally. Manage all work intake requests into our TPSRM organization, ensuring the proper information is provided, coaching and explaining all requestors globally of the need to initiative the process, and deciding whether or not the requestor has provided the proper and quality information to pursue to the next step in the process. Proactively develop productive relations/ partnerships with all technical and management requestors of TPSRM assessments to ensure a positive experience throughout the life of the TPSRM assessment. Conduct information security risk assessments (functional/technical) of third parties to identify vulnerabilities, risks, compliance with PepsiCo guidelines and industry leading practices, and protection needs in order to generate a risk rating, suggest potential functional and technical mitigations, and brief stakeholders (third parties, business sponsors, management) of the results and actions required. Monitor and drive assessment performance of the team members to maintain consistency and within expectations and SLAs by developing, maintaining, tracking, and reporting (Executive/ KPI/ Operational) metrics, and holding assessors accountable for their assessments and resolution of the issues they identify. Apply technical expertise to evaluate a wide variety of technologies/architectures utilized by third parties to understand impacts/risks to PepsiCo and provide more accurate inherent risk ratings for our third parties. Present findings (functional/technical) to various stakeholders and levels throughout the organization. Partner with third parties to suggest/recommend potential mitigation solutions for risk areas. Determine information security requirements/leading practices for new technical/functional areas of assessments to improve our work intake and inherent risk computations. Coordinate and effectively drive peers during the weekly TPSRM staff meetings related to metrics discussions and TPSRM initiative status. COVID-19 vaccination is a condition of employment for this role. Please note that all such company vaccine requirements provide the opportunity to request an approved accommodation or exemption under applicable law. Qualifications/Requirements Candidates will be evaluated based on their ability to perform the duties listed above while demonstrating the functional and technical skills and competencies necessary to be highly effective in the role. These skills and competencies include: Mandatory Technical Skills: Technical experience and knowledge of infrastructure technologies, network, web, computing, cloud services, mobile devices, and information (cyber) security, allowing this role to provide technical support to other members of the organization. Technical and functional understanding of various information security solutions, technologies and industry-leading practices, allowing this role to support key technical and business decisions. Technical ability to identify and assess the severity and potential impact of risks and communicate risk assessment findings to risk owners outside Information Security. Communication should consistently drive objectives, relying on fact-based decisions about risk that optimize the trade-off between risk mitigation and business performance. Bachelor of Sciences degree, Masters degree preferable. Microsoft Excel, World, and PowerPoint skills to develop ad hoc reports to manage the reports and the metrics. Knowledge and experience working with GRC (Governance, Risk Management, and Compliance) tools such as Archer and ServiceNow. Mandatory Non-Technical Skills: Independent thinker and strong self-motivator, with the ability to collaborate with virtual teams and influence decision making. Strong understanding of business needs and commitment to delivering high-quality, prompt, and efficient service to the business, allowing them to meet their strategic objectives. Strong verbal and written communication skills that positively builds relationships with key businesses and third parties stakeholders, proactively paving the road for influencing the actions taken by these stakeholders. Good prioritization capabilities, with an aptitude for breaking down complex work into manageable parts, effectively assessing the priority and time required to complete each part. Ability to work on several tasks simultaneously. Good decision-making capabilities, with a proven ability and common-sense to weigh the relative costs and benefits of potential actions and identify the most appropriate one. Ability to influence others and encourage peers and superiors to modify their opinions, plans, or behaviors, with an emphasis on collaborating across multiple teams and ensuring program needs are satisfied through interpersonal and trusted communication. Desired Qualifications: At least one of the following certifications is highly desirable: Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC), Certified in the Governance of Enterprise IT (CGEIT), Certified Information Security Manager (CISM). 2+ years of experience in Cyber (Information) Security. 2+ year of experience in Third-Party compliance and/or governance. 3+ years of technical experience across various technologies and architectures including web, software development, networks, infrastructure, mobility, computer applications, and information security. Relocation Eligible: Not Eligible for Relocation Job Type: Regular All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, or disability status. PepsiCo is an Equal Opportunity Employer: Female / Minority / Disability / Protected Veteran / Sexual Orientation / Gender Identity Our Company will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of the Fair Credit Reporting Act, and all other applicable laws, including but not limited to, San Francisco Police Code Sections 4901 - 4919, commonly referred to as the San Francisco Fair Chance Ordinance; and Chapter XVII, Article 9 of the Los Angeles Municipal Code, commonly referred to as the Fair Chance Initiative for Hiring Ordinance. If you'd like more information about your EEO rights as an applicant under the law, please download the available EEO is the Law & EEO is the Law Supplement documents. View PepsiCo EEO Policy Please view our Pay Transparency Statement","city":"Plano","state":"Texas


Posted: 2022-04-22 Expires: 2022-06-23

Performance with Purpose

Out performing ourselves is a rush. That's why we perform with purpose. Together, we blaze new trails, succeed, celebrate and then do something even bigger. We never settle for second best. At PepsiCo we're not just committed to performing well as individuals, but as a team, to strengthen the company as a whole.

Around the world, we're working hard to give people the tastes they crave and the nutrition they need. We dream globally and act locally, constantly innovating to sustain our planet, our people, our communities and our business practices. New markets mean new ways of doing business, and new ways of addressing health concerns, cultural differences and environmental challenges. Every day is an adventure, and an opportunity for personal and professional growth.

Before you go...

Our free job seeker tools include alerts for new jobs, saving your favorites, optimized job matching, and more! Just enter your email below.

Share this job:

Sr. Analyst, Information Security

PepsiCo Inc.
Plano, TX 75074

Join us to start saving your Favorite Jobs!

Sign In Create Account
Powered ByCareerCast