Global Incident Management Commander

Overview You have the opportunity to coordinate and lead PepsiCo’s response to high-impact cyber security incidents. This role will take ownership of maintaining the cyber security incident response plan, conducting tabletop exercises, managing third-party incidents, and providing awareness and communication to executive teams on significant incidents and/or threats. Responsibilities Serve as the Incident Commander for high-profile cyber security incidents, and coordinate response activities throughout the incident lifecycle in partnership with global incident managers and among the Cyber Security Incident Response Team Conduct after-action reporting, and provide insights to guide continuous improvements to PepsiCo’s information security postures and maintain business operations Provide timely and relevant updates to executive stakeholders, and maintain, conduct, and organize documentation for both executive and technical tabletop exercises Test and maintain Incident Response plans to address existing and emerging threats Manage engagement with Incident Response vendors Compensation and Benefits: The expected compensation range for this position is between $110,700 - $185,250. Location, confirmed job-related skills, experience, and education will be considered in setting actual starting salary. Your recruiter can share more about the specific salary range during the hiring process. Bonus based on performance and eligibility target payout is 12% of annual salary paid out annually. Paid time off subject to eligibility, including paid parental leave, vacation, sick, and bereavement. In addition to salary, PepsiCo offers a comprehensive benefits package to support our employees and their families, subject to elections and eligibility: Medical, Dental, Vision, Disability, Health, and Dependent Care Reimbursement Accounts, Employee Assistance Program (EAP), Insurance (Accident, Group Legal, Life), Defined Contribution Retirement Plan. Qualifications 10+ years’ related experience within IT Security, with experience in large-scale and complex incidents of all types (APT, DDOS, 3rd Party, Ransomware, Intrusion, Vulnerability Exploitation, Data Exfiltration, etc) Tertiary qualification in Computer Science, Cyber Security, or related discipline required, with CISM, CISSP, or other relevant certifications preferred Strong communication, decision-making, and organization skills Ability to clearly identify and articulate complex technical issues to diverse audiences, work with them, and maintain a high-visibility professional presence at all times EEO Statement Our Company will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of the Fair Credit Reporting Act, and all other applicable laws, including but not limited to, San Francisco Police Code Sections 4901-4919, commonly referred to as the San Francisco Fair Chance Ordinance; and Chapter XVII, Article 9 of the Los Angeles Municipal Code, commonly referred to as the Fair Chance Initiative for Hiring Ordinance. All qualified applicants will receive consideration for employment without regard to age, race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, or disability status. PepsiCo is an Equal Opportunity Employer: Female / Minority / Disability / Protected Veteran / Sexual Orientation / Gender Identity / Age If you'd like more information about your EEO rights as an applicant under the law, please download the available EEO is the Law & EEO is the Law Supplement documents. View PepsiCo EEO Policy. Please view our Pay Transparency Statement. Serve as the Incident Commander for high-profile cyber security incidents, and coordinate response activities throughout the incident lifecycle in partnership with global incident managers and among the Cyber Security Incident Response Team Conduct after-action reporting, and provide insights to guide continuous improvements to PepsiCo’s information security postures and maintain business operations Provide timely and relevant updates to executive stakeholders, and maintain, conduct, and organize documentation for both executive and technical tabletop exercises Test and maintain Incident Response plans to address existing and emerging threats Manage engagement with Incident Response vendors Compensation and Benefits: The expected compensation range for this position is between $110,700 - $185,250. Location, confirmed job-related skills, experience, and education will be considered in setting actual starting salary. Your recruiter can share more about the specific salary range during the hiring process. Bonus based on performance and eligibility target payout is 12% of annual salary paid out annually. Paid time off subject to eligibility, including paid parental leave, vacation, sick, and bereavement. In addition to salary, PepsiCo offers a comprehensive benefits package to support our employees and their families, subject to elections and eligibility: Medical, Dental, Vision, Disability, Health, and Dependent Care Reimbursement Accounts, Employee Assistance Program (EAP), Insurance (Accident, Group Legal, Life), Defined Contribution Retirement Plan. 10+ years’ related experience within IT Security, with experience in large-scale and complex incidents of all types (APT, DDOS, 3rd Party, Ransomware, Intrusion, Vulnerability Exploitation, Data Exfiltration, etc) Tertiary qualification in Computer Science, Cyber Security, or related discipline required, with CISM, CISSP, or other relevant certifications preferred Strong communication, decision-making, and organization skills Ability to clearly identify and articulate complex technical issues to diverse audiences, work with them, and maintain a high-visibility professional presence at all times