Security Manager - Miguel Hidalgo, México - PepsiCo

PepsiCo

Empresa verificada

Miguel Hidalgo, México

hace 2 semanas

Publicado por:

Rodrigo Fernández

Reclutador de talento para beBee

Descripción

Overview:

We Are PepsiCo
Join PepsiCo and dare to transform We are the perfect place for curious people, thinkers and change agents.

From leadership to front lines, we're excited about the future and working together to make the world a better place.

Being part of PepsiCo means being part of one of the largest food and beverage companies in the world, with our iconic brands consumed more than a billion times a day in more than 200 countries.

In PepsiCo Mexico is one of the most important consumer products companies in the country.

Our product portfolio, which includes 22 of the world's most iconic brands, such as Sabritas, Gamesa, Quaker, Pepsi, Gatorade and Sonrics, has been a part of Mexican homes for more than 116 years.

A career at PepsiCo means working in a culture where all people are welcome. Here, you can dare to be you.

No matter who you are, where you're from, or who you love, you can always influence the people around you and make a positive impact in the world.

Know a little more:
PepsiCoJobs

Join PepsiCo, dare to transform.

Responsibilities:

The Opportunity

The Security Integration Lead is responsible for information security risk and management processes within Pepsico Mexico Foods and CARICAM region including but not limited to security risk and exception analysis, information security work in-take processes, support for cyber security awareness initiatives, collaboration on development of remediation plans, and data protection activities.

The role also ensures security incident management and processes are given appropriate focus, assist with escalations and are handled expeditiously as per defined SLAs.

Your Impact

As Security Manager your scope would consist of:

The Security Integration Lead is responsible for Policy & Standards enforcement within the regions. Act as the primary contact within their region for security work intakes, business demand and collecting local regulatory requirements.
Act as a primary contact for data protection program within the region, ensure all current/legacy systems are mapped and required controls are identified and ensure a plan is developed to remediate control deficiencies identified.
This role will assist analysis and remediation of security breaches and vulnerability issues in a timely and accurate fashion, and conduct user activity audits where required.
This role supports the Sector Patching Coordinator on remediation activities within the regions and influence to have required downtime to meet remediation requirements is arranged. Also responsible to work with the Third Party locally on websites security remediation.
Assess security level within the regions and report status to Sector BISO.
Collaborate with HCL and Compute teams to ensure required nonSOX (MMSF included) evidences are ready and effective to cover Security nonSOX controls.
Conduct / Assist investigations and requirements from Audit / Legal / HR in the regions as needed.
Engage with key stakeholders to ensure that processes and initiatives operate within the documented security org framework, monitor security policy/standards compliance, and InfoSec strategy is understood and communicated.
Support and track sector based security exception process and remediation.
Review and signoff on Information Security Assessment (ISA) completion.
Partner with Manufacturing OT and IT team for InfoSec engagement activities and partner awareness.
Identify Stakeholder resistance and barriers and tighten the cohesion between business and infosec.
Represent BISO team through security awareness and presentations.
Engages with IT Lead and Project owners throughout the project lifecycle as oversight and monitoring for ISA service delivery and process management.
Perform sector risk and user impact for cybersecurity related projects and coordinate comms related tasks (translation, training, support, request for change, support model, etc).
Assist on the delivery of Cyber Security program initiatives within the regions through InfoSec PMO and Compliance Lead alignment to manage sector security initiatives.
Support of vulnerability remediation plan development and owner identification (e.g., manufacturing security assessments, security exceptions).
Leading exception risk management through exception initiation, stakeholder identification, compliance gaps, remediation plan recommendations, potential solutions and signoff activities.
Oversees and tracks successful implementation of agreed to Exceptions' remediation plans and timelines.
Develop and implement strategies for engaging business functions on information security matters and gain buyin.
Responsible for educating business functions on InfoSec services and processes.
Partners and supports Security Awareness Training team and local HR teams to meet security awareness training targets.
Perform local security awareness initiatives such as clean desk exercise to reinforce an