Third-party Information Security Assessor
6 days ago
Overview:
Our Information Security Group at PepsiCo is looking for information/ cyber security professionals to join our very exciting journey to manage information/ cyber security risks for PepsiCo as we engage thousands of third parties around the world. The Third-Party Information/ Cyber Security Compliance Associate Specialist will be responsible for assessing information (cyber) security to determine functional and technical risks to PepsiCo’s assets related to the access, use, processing, storage and transmission of information to and from those third parties that impact PepsiCo globally.
**Responsibilities**:
The key responsibilities of the role are as follows:
- Provide suggestions and assess information (cyber) security posture to determine functional and technical risks related to the use, processing, storage, and transmission of information to and from those third parties that impact PepsiCo globally, as well as our manufacturing plants.
- Own third-party reviews (functional/technical) throughout the entire assessment life cycle.
- Determine information security requirements/leading practices for new technical/functional areas of assessments, and work in industry forums to advance PepsiCo’s program and cyber maturity.
- Assess third-party information security risk posture (functional/technical) to ensure compliance with PepsiCo guidelines and industry leading practices.
- Present findings (functional/technical) to various stakeholders and levels throughout the organization.
- Partner with business and third parties to suggest/recommend potential mitigation solutions for risk areas.
- Facilitate alignment across diverse parties and business units and lead key strategic initiative that allow to reduce third-party risks to PepsiCo.
- Lead, coordinate, and drive third-party onsite visits to perform thorough assessments by setting the collaborative and strategic tone with the third parties and represent PepsiCo’s business interest in the upmost professional manner.
- Determine information security requirements/leading practices for new technical/functional areas of assessments.
- Coordinate peer assessors’ efforts to ensure proper expectations and consistent processes are performed by all the team.
- Proactively develop productive relations with technical and management leaders to own third-party reviews (functional/technical) throughout the entire assessment life cycle.
- Collaborate and contribute to the PCI-DSS assessments in PepsiCo, including process improvements and integration of governance activities with the rest of the PepsiCo assessment processes.
- Support Global Procurement (IT and non-IT) and business procurement teams by reviewing changes to the standard PepsiCo Information Security Requirements in third-party contracts and participate in the negotiation of requirements with third-party representatives.
Qualifications:
Mandatory Technical Skills:
- Strong third-party information (cyber) security risk assessment skills to evaluate functional and technical capabilities of third parties.
- Strong technical experience and/or knowledge of infrastructure technologies, network, web, computing, cloud services, manufacturing equipment, mobile devices, DevSecOps principles, threat modeling, and information (cyber) security, allowing this role to provide technical leadership and coaching to other members of the organization.
- Thorough understanding of Confidentiality, Integrity, and Availability controls, Privacy laws, etc.
- Comprehensive technical and functional understanding of various information security solutions, technologies, and industry-leading practices.
- Technical and business expertise and savviness to drive information security requirements/ clauses in third-party contracts, together with people skills to negotiate requirements with third-party representatives.
- Strong understanding of business needs and commitment to delivering high-quality, prompt, and efficient service to the business.
- Bachelor’s degree, master’s degree preferable.
- 5-7+ year of experience in third-party information security risk compliance and/or governance.
- 5-7+ years of technical experience across various information security related areas.
- skills to develop ad hoc reports to convey results, influence executive leadership, manage expectations, and improve metrics.
Mandatory Non-Technical Skills:
- Independent thinker and strong self-motivator, with the ability to collaborate with virtual teams and influence decision making.
- Strong verbal and written communication skills in English and Spanish that positively impact relationships with key businesses’ and third-parties’ stakeholders.
- Excellent prioritization capabilities.
- Outstanding ability to work on several important tasks simultaneously.
- Strong decision-making capabilities.
- Robust ability to effectively influence others and lead peers and superiors to modify their opinions, plans, or behaviors.
- Effective ability to
-
Third-party Information Security Assessor
4 weeks ago
مصر, Egypt PepsiCo Full timeOverview: Our Information Security Group at PepsiCo is looking for information/ cyber security professionals to join our very exciting journey to manage information/ cyber security risks for PepsiCo as we engage thousands of third parties around the world. The Third-Party Information/ Cyber Security Compliance Associate Specialist will be responsible for...
-
Info Security Sr Manager
5 days ago
مصر, Egypt PepsiCo Full time**Overview** Our Information Security Group at PepsiCo is looking for a cyber security thought leader, influencer, security advocate, and driver of change, to join our very exciting journey to manage cyber security risks for PepsiCo and all our partners around the world. The Third-Party Information Security Compliance Senior Manager will be responsible for...
-
Info Security Manager
2 weeks ago
مصر, Egypt PepsiCo Full time**Overview** The main purpose of the role is to lead, manage, and own the activities necessary to perform information security risk assessments on the third parties with which PepsiCo enters a business relationship for services around the world of varying levels of criticality and complexity. The third-party information security risk assessor will act as a...
-
Info Security Specialist
5 days ago
مصر, Egypt PepsiCo Full timeOverview: The main purpose of the role is to lead, manage, and own the activities necessary to perform information security risk assessments on the third parties with which PepsiCo enters a business relationship for services around the world of varying levels of criticality and complexity. The third-party information security risk assessor will act as a...
-
Risk & Compliance Sr Specialist
5 days ago
مصر, Egypt PepsiCo Full timeOverview: Our Information Security Group at PepsiCo is looking for a cyber security thought leader, influencer, security advocate, and driver of change, to join our very exciting journey to manage cyber security risks for PepsiCo and all our partners around the world. The Third-Party Information Security Senior Specialist will be responsible for supporting...
-
Risk & Compliance Sr Specialist
5 days ago
مصر, Egypt PepsiCo Full time**Overview** Our Information Security Group at PepsiCo is looking for a cyber security thought leader, influencer, security advocate, and driver of change, to join our very exciting journey to manage cyber security risks for PepsiCo and all our partners around the world. The Third-Party Information Security Senior Specialist will be responsible for...
-
Information Security Risk Analyst
1 week ago
مصر, Egypt Plugin Talents Full time**About the job Information Security Risk Analyst**: **Objectives** help to raise a security culture and focus on driving advances to the security posture at best practices and standards, specifically to ISO27001, GDPR, and NIST. **Accountabilities** TASKS - Support the identification, analysis, and governance of information security risks across the...
-
مصر, Egypt Majid Al Futtaim Full time**BUSINESS INTRODUCTION** Majid Al Futtaim Holding is the leading shopping mall, retail, communities, entertainment developer and operator in the Middle East, North Africa, and Central Asia regions. With over 48,000 people, revenues of over US$ 11 Billion, and operations in 18 countries. Some of the iconic brands we carry include Mall of the Emirates,...
-
Account Manager
4 weeks ago
مصر, Egypt Cartlow Full time**Account Manager - Third Party Operations** **Position Overview**: We are seeking a dynamic and driven individual to join our team as an Account Manager Third-Party Operations. In this role, you will be responsible for managing and nurturing relationships with our third-party partners and ensuring smooth operations and effective collaboration. You will...
-
Information Security Analyst
1 week ago
مصر, Egypt SSC Egypt Full time1. Follow the security risk assessment methodology to assess the different business initiatives and projects. 2. Perform security risk assessments to align with the bank’s security policies and guidelines. 3. Validate and review the business requirements and ensure the relevant security measures are catered for throughout the different phases of the...
-
Information Security Senior Manager
2 weeks ago
مصر, Egypt MigrationIT Full time**Job Information**: Field - Security & GRCField / Area - SecurityIndustry - Financial ServicesJob Category - Information SecurityWork Experience - 5+ yearsCity - CairoState/Province - AI QahirahCountry - EgyptZip/Postal Code - 11311- Developing and implementing security policies, procedures, and protocols to protect the organization's assets, data, and...
-
Information Security Compliance Manager
1 week ago
مصر, Egypt SSC Egypt Full time1. Ensure proper management of the Security Compliance resources to support ongoing business initiatives from a security compliance perspective. 2. Ensure the annual review and update of the area’s processes and procedures with the development and adherence to the developed SLAs. 3. Support the implementation of the key strategic business initiatives and...
-
Head of Information Security Management
1 week ago
مصر, Egypt SSC Egypt Full time1. Oversee and manage the Information Security Management team to ensure proper management of the resources to support the ongoing business initiatives and ensure clear personal development plan is developed for each team member with an adequate training and coaching plan. 2. Ensure the annual review and update of the area’s processes, procedures and...
-
Information Security Consultant
1 week ago
مصر, Egypt athGADLANG Full time**aG Resources is hiring an Information Security Consultant with a minimum of 2 years of experience.** **Responsibilities**: - Advise on ISMS policies and procedures. - Conduct security inspections, audits, and assessments. - Develop and implement ISMS management systems. - Deliver training sessions on information security awareness and practices. -...
-
Information Security Engineer
5 days ago
مصر, Egypt SSC Egypt Full timeDevelop, execute and track the performance of security measures to protect information and network infrastructure and computer systems. - Design computer security strategy and engineer comprehensive cybersecurity architecture. - Identify, define and document system security requirements and recommend solutions to management. - Configure, troubleshoot and...
-
Information Security Analyst
4 weeks ago
مصر, Egypt Misr Technology Services Full time**Job** Responsibilities**: - Evaluate/assess Application Security Architecture and suggest recommendations. Provide best practices. - Support administration of local and vendor managed security solutions for MTS environment. - Analyze security threats, vulnerability assessments, and audit results to recommend security solutions that enable business...
-
Information Security Analyst
2 days ago
مصر, Egypt Wikimedia Foundation Full time**Summary** The Wikimedia Foundation is looking for a Senior Information Security Analyst to join the Security team, reporting to the Director of Security. As a Senior Information Security Analyst, you will play a critical role in evolving our security and privacy capabilities, while modeling compassion, collaboration, and transparency in support of our...
-
Information Security and Compliance Analyst
1 week ago
مصر, Egypt Expleo Full timeOverview: The Information Security & Compliance Analyst (ISCA) is part of the Information Security Management System (ISMS) of the Group, managed by the Group Chief Information Security Officer (CISO). The ISCA acts on behalf of the CISO and is supporting forces for developing Information Security as defined by the Group and for participating in the...
-
Team Leader, Information Security
4 weeks ago
مصر, Egypt Arrow Electronics, Inc. Full timePosition: Team leader, Information Security (Security Architecture & Risk Assessment) **Job Description**: Job Description and Duties: Performing security assessments, including architecture assessments, pen-testing, security controls assessments, and code analysis/review. Identifying, presenting, and prioritizing security risks, providing recommendations...
-
Senior Information Security Grc
6 days ago
مصر, Egypt ISEC Full time**Senior Information Security GRC is required.** **Key responsibilities**: - Experience in Implementing ISMS, performing internal reviews, drafting and enforcing policies in accordance with Central Bank of Egypt regulation, ISO 27001, and PCI-DSS. - Experience in PCI-DSS remediation and certification audit. - Experience in defining cyber security policies,...