Join to apply for the info security assoc manager role at pepsico. About pepsico we are pepsico – join pepsico and dare for better! We are the perfect place for curious people, thinkers and change agents. From leadership to front lines, we’re excited about the future and working together to make the world a better place. Being part of pepsico means being part of one of the largest food and beverage companies in the world, with our iconic brands consumed more than a billion times a day in more than 200 countries. Our product portfolio, which includes 22 of the world’s most iconic brands, such as sabritas, gamesa, quaker, pepsi, gatorade and sonrics, has been a part of mexican homes for more than 116 years. A career at pepsico means working in a culture where all people are welcome. Here, you can dare to be you. No matter who you are, where you’re from, or who you love, you can always influence the people around you and make a positive impact in the world. Responsibilities security design expertise: proven track record in assessing security designs, including data flow diagrams, architectural blueprints, low‑level designs, networking diagrams, authentication mechanisms, and authorization schemes. Must demonstrate experience in aligning these designs with industry standards such as nist 800‑53, iso 27002, cis, and owasp to ensure robust security postures. Compliance assessment: assess new and changing application designs and requirements to ensure compliance with pepsico information security standards. Risk communication: identify, quantify, and communicate technology risks impacting the business, recommending resolutions and identifying root causes. Explain scan results (infrastructure, applications, databases) and pen testing results to stakeholders. Project lifecycle reviews: review it and information security systems throughout the project lifecycle, identifying risks and security requirements, and recommending paths to eliminate identified risks and implement compensating controls. Automated risk assessments: conduct risk‑based assessments using automated tools and techniques to prioritize and address security risks. Threat modeling: utilize expert knowledge in threat modeling techniques and methodologies to proactively identify, assess, and prioritize security risks. Collaboration and education: collaborate with various it and business teams to ensure they are knowledgeable about information security processes and requirements, influencing them to eliminate or reduce risks. Servicenow utilization: experience using servicenow to gather necessary information and data, automating security assessment processes to enhance efficiency and effectiveness. Metrics management and reporting: manage operational metrics related to the isa and grc processes, utilizing power bi for advanced reporting, tracking project progress, and developing corrective action plans. Process improvement and proactive security: govern information security services from the isa, tracking process metrics, identifying issues, and driving process improvement initiatives. Stay updated with threat intelligence, leverage azure and cloud security knowledge, and implement agile and devsecops methodologies to integrate security into the development process. Qualifications a minimum of 5 years of experience in information security, it risk management, or a similar role. Advanced conversational english is a must. Mandatory technical skills in‑depth technical experience and knowledge of infrastructure technologies, networks, web, computing, cloud services, manufacturing equipment, mobile devices, and information (cyber) security. Strong understanding of information security frameworks, regulations, and standards such as nist 800‑53, cis, mitre att&ck, and iso 27002. Proficient in servicenow, with the ability to leverage its modules for information gathering, data analysis, and automation of the isa service. Experience in threat modeling and applying threat modeling methodologies in previous roles. Proficient in power bi for developing reports and dashboards to support data‑driven decision‑making. Strong skills in developing ad‑hoc reports and managing metrics. Knowledge of aws, azure, salesforce, servicenow, sap, and general cloud and erp security principles. Ability to read and explain scan (infrastructure, applications, databases) and pen testing results to technical and non‑technical stakeholders, guiding them on risk and vulnerability remediation. Mandatory non‑technical skills proficient in influencing and educating stakeholders on security best practices and policies, ensuring understanding and adherence to security standards. Established a reputation as a trusted adviser, providing expert guidance on information security matters. Strong presence to represent pepsico information security in complex situations with business and it partners. Ability to collaborate with various stakeholders, including business units and product managers. Preferred competencies relevant certifications (cissp, cism, crisc, or similar) are a plus. Strong presence to represent pepsico information security in complex situations with business and it partners. Ability to quickly learn legal, information security, and privacy requirements in different regions of the world. Excellent prioritization capabilities, with an aptitude for breaking down complex work into manageable parts, effectively assessing the priority and time required to complete each part. Strong problem‑solving and analytical capabilities. Ability to collaborate with various stakeholders, including business units and product managers. Benefits opportunities to learn and develop every day through a wide range of programs. Internal digital platforms that promote self‑learning. Development programs according to leadership skills. Specialized training according to the role. Learning experiences with internal and external providers. Recognition programs for seniority, behavior, leadership, and moments of life. Financial wellness programs that help you reach your goals in all stages of life. A flexibility program that allows you to balance your personal and work life, adapting your working day to your lifestyle. Family‑focused benefits such as wellness line, thousands of agreements and discounts, scholarship programs for children, aid plans for various life events. Referrals increase your chances of interviewing at pepsico by 2x. We are an equal opportunity employer and value diversity at our company. We do not discriminate based on race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. We respect and value diversity as a workforce and innovation for the organization. J-18808-ljbffr