The Cyber Security Director will be responsible for Attack Surface Reduction for the global identification and assessment of vulnerabilities, scope and execution of security penetration tests, and the remediation of resulting vulnerabilities. The Director will set the global strategy and direction for attack surface reduction with the sole goal to reduce vulnerabilities and ensure the protection of PepsiCo assets.
A minimum of 5+ years of experience in InfoSec or Cyber vulnerability management role, with large scale, global and complex environments similar to PepsiCo
Proven experience setting strategy and direction for Attack Surface Reduction, Vulnerability Management organization, including configuration of assessment tools
Running of day to day operations including vulnerability assessments and remediation efforts
Generates reports on assessments findings and summarizes to facilitate remediation tasks
Recommends security controls and/or corrective actions for mitigating technical and business risk
Produces vulnerability, configuration, and coverage metrics and reporting to demonstrate assessment coverage and remediation effectiveness
Deliver multi-year roadmaps for the Attack Surface Reduction function
Lead and manage team of subject matter experts including staffing and direct daily people management
Demonstrated ability to perform independent analysis of complex problems and distill relevant findings and root causes
Manage contracts with 3rd party vendors including SOW creation, RFPs, and escalations
A broad and deep understanding of cyber-security threats, vulnerabilities, controls and remediation strategies
Experience with cyber threat intelligence handling
Strong foundational knowledge in information technology, to include hardware, networking, architecture, protocols, files systems and operating systems.
An ability to communicate complex and technical issues to diverse audiences, orally and in writing, in an easily-understood, authoritative, and actionable manner
Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and the associated impact on the organization
An ability to effectively influence others to modify their opinions, plans, or behaviors
Strong organizational skills with proven ability to manage multiple high visibility issues simultaneously
Excellent interpersonal skills and strong verbal and written communication
Qualifications:
Bachelor's degree in Computer Science, Cyber Security, or related discipline; advanced degree preferred
One or more relevant technical security certifications (GIAC, CISSP, CEH etc)
12+ years of professional experience
8 + years of technical experience or Cyber Security
Proven management experience leading a globally diverse team
Hands-on knowledge of the following:
Windows, UNIX, Linux, and mobile operating systems
Programming Languages, e.g. C, C++, C#, Java, PHP, PERL
Scanning tools (e.g. Qualys WAS, Qualys VM, HP Fortify, Intel MVM, nMAP, etc.)
Computer hardware, middleware, and package systemss
Web-based and mobile applications
Security frameworks (e.g. ISO 27001/27002, NIST, SOX, etc.)
Vulnerability assessment
Metasploit framework
Send To A Friend
Posts
