Career Areas
At PepsiCo, you can create more smiles and more possibilities at a global scale no matter what role you hold.
Ready to Return: Reignite Your Career
At PepsiCo, we understand the importance of career breaks. Whether you’re seeking a Direct Hire position or considering a Returnship, explore the possibilities with us.
Location
Choose a world region or country to learn more about PepsiCo career opportunities, local flavors and positive impact.
Info Security Assoc Manager
New Cairo, Egypt
Info Security Assoc Manager
JOB\_DESCRIPTION.SHARE.HTML CAROUSEL\_PARAGRAPH
JOB\_DESCRIPTION.SHARE.HTML
New Cairo, Egypt IT 320326 No No
Job Description
OverviewOur Information Security Group at PepsiCo is looking for information/ cyber security professionals to join our very exciting journey to manage information/ cyber security risks for PepsiCo as we engage thousands of third parties around the world. The Third-Party Information/ Cyber Security Compliance Associate Specialist will be responsible for assessing information (cyber) security to determine functional and technical risks to PepsiCo’s assets related to the access, use, processing, storage and transmission of information to and from those third parties that impact PepsiCo globally.
ResponsibilitiesThe key responsibilities of the role are as follows:
Provide suggestions and assess information (cyber) security posture to determine functional and technical risks related to the use, processing, storage, and transmission of information to and from those third parties that impact PepsiCo globally, as well as our manufacturing plants. Own third-party reviews (functional/technical) throughout the entire assessment life cycle. Conduct information security risk and vulnerability assessments (functional/technical) of third parties (including Mergers and Acquisitions, OT third parties, and PCI-subjected entities) to identify vulnerabilities, risks, and protection needs in order to generate a risk rating and potential functional and technical mitigations. Apply technical and architectural expertise to drill deep down into a wide variety of technologies/architectures utilized by third parties to understand impacts/risks to PepsiCo. Determine information security requirements/leading practices for new technical/functional areas of assessments, and work in industry forums to advance PepsiCo’s program and cyber maturity. Assess third-party information security risk posture (functional/technical) to ensure compliance with PepsiCo guidelines and industry leading practices. Present findings (functional/technical) to various stakeholders and levels throughout the organization. Partner with business and third parties to suggest/recommend potential mitigation solutions for risk areas. Facilitate alignment across diverse parties and business units and lead key strategic initiative that allow to reduce third-party risks to PepsiCo. Lead, coordinate, and drive third-party onsite visits to perform thorough assessments by setting the collaborative and strategic tone with the third parties and represent PepsiCo’s business interest in the upmost professional manner. Determine information security requirements/leading practices for new technical/functional areas of assessments. Coordinate peer assessors’ efforts to ensure proper expectations and consistent processes are performed by all the team. Proactively develop productive relations with technical and management leaders to own third-party reviews (functional/technical) throughout the entire assessment life cycle. Collaborate and contribute to the PCI-DSS assessments in PepsiCo, including process improvements and integration of governance activities with the rest of the PepsiCo assessment processes. Support Global Procurement (IT and non-IT) and business procurement teams by reviewing changes to the standard PepsiCo Information Security Requirements in third-party contracts and participate in the negotiation of requirements with third-party representatives.
Qualifications
Bachelor’s degree, master’s degree preferable. 7+ year of experience in third-party information security risk compliance and/or governance. 7+ years of technical experience across various information security related areas. skills to develop ad hoc reports to convey results, influence executive leadership, manage expectations, and improve metrics. Strong third-party information (cyber) security risk assessment skills to evaluate functional and technical capabilities of third parties. Strong technical experience and/or knowledge of infrastructure technologies, network, web, computing, cloud services, manufacturing equipment, mobile devices, DevSecOps principles, threat modeling, and information (cyber) security, allowing this role to provide technical leadership and coaching to other members of the organization.
Sign up and add your profile for recruiters to view.
Anonymized data is stored for redirects to the career site tracking successful searches leading to job applications in effort to measure effectiveness of partners in sourcing job candidates and job searches. We request use of anonymized data to improve your experience on our site.
page.
