Cyber Security Enterprise Incident Commander
Job Title: Cyber Security Enterprise Incident Commander
Location: Plano, TX
Category: IT and Internet
The Global Incident Response Commander is responsible for oversight and/or management of large scale or significant business impacting cyber security incidents in a complex, global Fortune 50 enterprise. This includes responsibility for the cyber security incident response plan maintenance, conducting cyber tabletop exercises, acting as a liaison on third party incidents, providing executive awareness and communications on significant incidents and threats, managing incident response retainers and global threat management and response program initiatives including gap identification and program maturity recommendations.
- Serves as the incident commander for major or high-profile incidents including validating and escalating incidents, coordinating response, facilitating information sharing and conducting reporting
- Provides strategic guidance on and tracking of tools/visibility/capabilities gaps affecting PepsiCo's information security posture
- Responsible for maintaining the EIM capability which includes setting incident response strategy for the full incident response lifecycle
- Serves as liaison between technical response and the business to minimize the impact of an incident and maintain business operations
- Ensures adherence to the PepsiCo Cyber-Security Incident Response Plan and Enterprise Incident Management plan
- Coordinates response activities in partnership with global incident managers for high priority incidents
- Coordinates and directs efforts among the CSIRT throughout the incident response lifecycle
- Provides timely and relevant updates to appropriate executive stakeholders and decision makers
- Conducts after action reporting and provides relevant insights to guide improvements and adjustments to PepsiCo's information security posture
- Tests and maintains incident response plans and processes to address existing and emerging threats
- Maintains strong working relationships with cyber fusion functions to maintain situational awareness of potential risks to the PepsiCo environment
- Organizes, conducts and maintains documentation for executive and targeted functional table-top exercises
- Maintains incident response retainers and provides coordination of these third parties when activated
- Acts in an advisory capacity and as a liaison for third party incidents
- Leads special projects related to the Global Threat Management and Response program
- Participation in after-hours incidents when required
- 7+ years of experience in information security incident handling and/or security operations
- Experience with large scale and complex incidents of all types to include APT, DDOS, insider, web and mobile applications, data exfiltration etc
- Demonstrated ability to perform independent analysis of complex problems and distill relevant findings and root causes
- A broad and deep understanding of cyber-security threats, vulnerabilities, controls and remediation strategies in global enterprise environments
- Knowledge of technologies, systems and networks as well as typical gaps that could impact the ability of an organization to effectively detect and respond to cyber attacks
- Demonstrated knowledge of common adversary tactics, techniques, and procedures
- Strong foundational knowledge in information technology, to include hardware, networking, architecture, protocols, files systems and operating systems.
- Bachelor's degree in Information Technology, related discipline or relevant work experience
- Relevant Technical Security Certifications (GIAC, CISSP, SSCP, CISM, EC-Council, Offensive Security, etc) a plus
Soft and organizational skills:
- An ability to work well under pressure while maintaining a professional image and approach
- An ability to communicate complex and technical issues to diverse audiences, orally and in writing, in an easily-understood, authoritative, and actionable manner
- An understanding of business needs and commitment to delivering high-quality, prompt, and efficient service to the business
- Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one
- An ability to effectively influence others to modify their opinions, plans, or behaviors
- A team-focused mentality with the proven ability to work effectively with diverse stakeholders
- Strong organizational skills with proven ability to manage multiple high visibility issues simultaneously
- Proactive attitude, seeking for improvement opportunities which can positively impact the security posture and the business
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, or disability status.
PepsiCo is an equal opportunity employer Minorities/Females/People with Disabilities/Protected Veterans/Sexual Orientation/Gender Identity.
If you'd like more information about your EEO rights as an applicant under the law, please download the available EEO is the Law (http://pep.jobs/eeo-poster) & EEO is the Law Supplement (http://pep.jobs/eeo-poster-supplement) documents by copying and pasting the appropriate URL in the address bar of your web browser.
To view our Pay Transparency Statement, please click here: Pay Transparency StatementJob Ref: 115020BR",
Performance with Purpose
Out performing ourselves is a rush. That's why we perform with purpose. Together, we blaze new trails, succeed, celebrate and then do something even bigger. We never settle for second best. At PepsiCo we're not just committed to performing well as individuals, but as a team, to strengthen the company as a whole.
Around the world, we're working hard to give people the tastes they crave and the nutrition they need. We dream globally and act locally, constantly innovating to sustain our planet, our people, our communities and our business practices. New markets mean new ways of doing business, and new ways of addressing health concerns, cultural differences and environmental challenges. Every day is an adventure, and an opportunity for personal and professional growth.