Information Security Risk Governance Lead Pepsico
Plano, TX

Job Description

Auto req ID: 175792BR

Job Description

This driven team of risk champions focuses on the development of PepsiCo's global Information Security risk management program by bringing innovative ideas to life and providing key risk insights to leadership. Be a part of PepsiCo's global Information Security team, where we partner to deliver information security capabilities to protect PepsiCo and cultivate a security accountable culture.

Rewarding opportunity for personal and professional growth. You will have a unique opportunity to expand your knowledge and to help PepsiCo maintain a risk conscious environment.

Do you enjoy driving and improving information security risk management processes and practices? The Risk Governance Lead drives the risk management efforts for the global Information Security organization at PepsiCo. You will provide guidance and governance of the organization's information security risk framework. You are responsible for executive level reporting for various global audiences. If you are an effective, goal-oriented risk champion, who has a passion for continuous improvement of the risk management environment, this role is for you!

In this position you are responsible for:

* Leading the risk management team and effort
* Understanding information security risks and assessing mitigation strategies to confirm alignment with risk appetite
* Assisting management with defining the organization's risk appetite, and leading the efforts to implement and enforce it - making it relevant to the business on a day-to-day basis
* Leading the effort to support the identification, analysis, and governance of information security risks across the organization
* Understanding information security risks and assessing mitigation strategies to confirm alignment with risk appetite
* Continuing the advancement of the risk management efforts, including the framework and associated processes
* Building trust and effectively facilitating risk identification/analysis discussions
* Collaborating with various partners across the organization to gather relevant threat intelligence, effectively analyze, and communicate the state of the threat landscape, to include emerging threats
* Building and facilitating risk assessment exercises
* Researching and interpreting industry insights and best practices, along with interpreting impact of requirements from governing authorities
* Maintaining strong working relationships with individuals and groups involved in managing information security risks across the organization to continue the advancement of the information security risk framework, processes, and technology
* Breaking down work into manageable parts, effectively assessing the priority and time required to complete each part
* Designing and presenting executive level presentations and reports
* Coaching more junior team members
* Effectively translating technical language into business terms
* Excellent communications, both oral and written
* Ability to adapt messaging to the appropriate level for the audience, with the appropriate depth and breadth - both verbally and visually

Qualifications/Requirements

Education:

* Bachelor's Degree in Business Administration, Business Information Systems, Cybersecurity, Computer Science, or a related field, or equivalent work experience

Key Skills/Experience Required:

* 6+ years of professional experience in a risk related role
* 5+ years of IT and/or cyber experience
* Experience with regulatory compliance, including information security management frameworks (e.g., NIST CSF, ISO2700x, SANS Top 20 Critical Security Controls, SOX, COBIT) preferred
* Demonstrable experience actively governing risks and threats globally
* Demonstrable experience conducting risk assessments and facilitating executive level risk discussions
* Strong presentation skills, both creating and presenting
* Strong knowledge of the Information Security domain preferred
* Advanced experience with productivity software such as Microsoft Office, specifically Excel and PowerPoint
* Experience building risk management programs and/or continuous improvement of the risk management environment highly preferred

Relocation Eligible: Not Eligible for Relocation

Job Type: Regular

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, or disability status.

PepsiCo is an Equal Opportunity Employer: Female / Minority / Disability / Protected Veteran / Sexual Orientation / Gender Identity

For San Francisco Bay Area: Our Company will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of San Francisco Police Code Sections 4901 - 4919, commonly referred to as the San Francisco Fair Chance Ordinance.

If you'd like more information about your EEO rights as an applicant under the law, please download the available EEO is the Law & EEO is the Law Supplement documents. View PepsiCo EEO Policy

Please view our Pay Transparency Statement