Information Security Integration Lead

**Auto req ID**: 277376BR

The BISO Security Integration Lead is responsible for providing guidance on information security risk management issues and processes within PepsiCo Europe. The role requires creative, resourceful approaches and proactive engagement with stakeholders across IT, OT, Information Security, business and corporate teams to identify and mitigate risk. Working on a small team focused on vulnerability/exceptions analysis and risk landscape monitoring as well as information security work intake processes and data protection activities. The role continuously strives to shift security left, minimize barriers to security compliance and attain new efficiencies in risk management processes.

Accountabilities:

- Act as a Security Coach and trusted advisor to sector Security Champions/Advocates, key stakeholders, and partners in support of Information Security strategy, services, processes and requirements
- Identify, assess, and report on security gaps within sector; develop action plans to address opportunity areas
- Identify stakeholder resistance and barriers in order to tighten the cohesion between business and Information Security
- Engage with key stakeholders to ensure that processes and initiatives operate within the documented security org framework, monitor security policy/standards compliance, and Information Security strategy is understood and communicated
- Develop content and present on Information Security programs, initiatives, incidents, threats and risk topics
- Act as trusted advisor throughout security exception risk management from exception initiation, mitigating controls identification, and remediation planning
- Support of vulnerability management and remediation plan development and owner identification
- Assist on the delivery of Cyber Security program initiatives within the sector through Information Security PMO and Compliance Lead alignment to manage sector security initiatives
- Support Application Risk Assessments through sector Controls and IT Sector Lead engagement and coordination of activities
- Collaborate with and support Third Party Security Risk Management team on assessments, issues, escalations, and remediation
- Monitor and facilitate post-incident recovery activities in collaboration with stakeholders, incident management teams and other key partners
- Provide feedback on security requirements during planning cycles
- Continuously advance and deepen knowledge of IT and security technologies, best practices, and emerging threats
- Engage with key stakeholders and partners as trusted advisor on Information Security

**Qualifications/Requirements**:

- Bachelor’s or Advanced degree (IT related studies preferred)
- 4+ years of IT experience
- 3+ years Information Security experience (technical experience as a security analyst or engineer preferred)
- CISM, CISSP, CRISC, GIAC/GSEC certifications (preferred)
- Well-versed in NIST Cybersecurity Framework, CIS Top 20 Critical Controls, OWASP Top 20
- Knowledge of Project Management and Agile methodologies
- Written/spoken English proficiency required
- Strong interpersonal, oral and written communication skills
- Innovative and collaborative problem solver
- Ability to translate technical information into plain language
- Highly self-motivated and directed
- Strong organizational skills
- Dedicated and resourceful life-long learner
- Excellent attention to detail
- Ability to manage multiple priorities and work across multiple organizations and teams
- Willing “can do” attitude
- Ability to effectively prioritize and execute tasks in a high-pressure environment

**Relocation Eligible**: Not Applicable

**Job Type**: Regular