Overview: We Are Pepsi Co
Join Pepsi Co and Dare for Better! We are the perfect place for curious people, thinkers and change agents. From leadership to front lines, we're excited about the future and working together to make the world a better place.


Being part of Pepsi Co means being part of one of the largest food and beverage companies in the world, with our iconic brands consumed more than a billion times a day in more than 200 countries.


In Brazil since 1953, Pepsi Co has well-known brands such as QUAKER®, TODDY®, TODDYNHO®, ELMA CHIPS®, RUFFLES®, DORITOS®, EQLIBRI™, GATORADE®, KERO COCO®, H2OH!®, PEPSI®, among others.


A career at Pepsi Co means working in a culture where all people are welcome. Here, you can dare to be you. No matter who you are, where you're from, or who you love, you can always influence the people around you and make a positive impact in the world.


Know more: Pepsi Co Jobs
Join Pepsi Co, dare for better.
Responsibilities: The Opportunity
The Information Security Lead is responsible for information security risk and management processes within Pepsico Brazil Foods region including but not limited to security risk and exception analysis, information security work in-take processes, support for cyber security awareness initiatives, collaboration on development of remediation plans, and data protection activities. The role also ensures security incident management and processes are given appropriate focus, assist with escalations and are handled expeditiously as per defined SLAs.



Your Impact

• Engage with key stakeholders to ensure that processes and initiatives operate within the documented security org framework, monitor security policy/standards compliance, and Info Sec strategy is understood and communicated;
• Support and track sector based security exception process and remediation;
• Review and sign-off on Information Security Assessment (ISA) completion;
• Partner with Manufacturing OT and IT team for Info Sec engagement activities and partner awareness;
• Identify Stakeholder resistance and barriers and tighten the cohesion between business and infosec;
• Represent BISO team through security awareness and presentations;
• Engages with IT Lead and Project owners throughout the project lifecycle as oversight and monitoring for ISA service delivery and process management;
• Perform sector risk and user impact for cybersecurity related projects and coordinate comms related tasks (translation, training, support, request for change, support model, etc);
• Assist on the delivery of Cyber Security program initiatives within the regions through Info Sec PMO and Compliance Lead alignment to manage sector security initiatives;
• Support of vulnerability remediation plan development and owner identification (e.g., manufacturing security assessments, security exceptions);
• Leading exception risk management through exception initiation, stakeholder identification, compliance gaps, remediation plan recommendations, potential solutions and sign-off activities;
• Oversees and tracks successful implementation of agreed to Exceptions' remediation plans and timelines;
• Develop and implement strategies for engaging business functions on information security matters and gain buy-in;
• Responsible for educating business functions on Info Sec services and processes;
• Partners and supports Security Awareness Training team and local HR teams to meet security awareness training targets;
• Perform local security awareness initiatives such as clean desk exercise to reinforce and promote security standards compliance;
• Supports IR in driving awareness and remediation of security compliance related incidents locally to include engagement of appropriate stakeholders;
• Support Data Protection Evaluation and Recertification program through IT LEAD engagement and coordination of activities;
• Provide feedback on security requirements (by data class) during AOP;
• Assist Security Assurance and project teams in security requirements' funding estimates for CAPEX/Projects;
• Collaborate with and support Third Party Security Risk Management team on assessments, issues, escalations and remediation.

Qualifications: Who Are We Looking For?

• Bachelor’s degree required;
• Previous experience with IT Security business work experience;
• CISM, CISSP certifications are a desired state;
• Knowledge of Processes (ITIL), V3 Certification is a desired state;
• Knowledge of Project Management methodologies (SDLC);
• Advanced English level.

If this is an opportunity that interests you, we encourage you to apply even if you do not meet 100% of the requirements.


What can you expect from us:

• Opportunities to learn and develop every day through a wide range of programs.
• Internal digital platforms that promote self-learning.
• Development programs according to Leadership skills.
• Specialized training according to the role.
• Learning experiences with internal and external providers.
• We love to celebrate success, which is why we have recognition programs for seniority, behavior, leadership, moments of life, among others.
• Financial wellness programs that will help you reach your goals in all stages of life.
• A flexibility program that will allow you to balance your personal and work life, adapting your working day to your lifestyle.
• And because your family is also important to us, they can also enjoy benefits such as our Wellness Line, thousands of Agreements and Discounts, Scholarship programs for your children, Aid Plans for different moments of life, among others.

We are an equal opportunity employer and value diversity at our company. We do not discriminate based on race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. We respect and value diversity as a work force and innovation for the organization.