OverviewServe as the primary Information Security (Infosec) lead for PepsiCo's Supply Chain (Africa, Middle East, South Asia, International Beverage) and Consumer & Commercial (EMEA) functions. Provide trusted, business-aligned security advisory and execution across the region to manage cyber risk, enable secure solution delivery, drive vulnerability and third‑party risk remediation, and embed security into processes and product lifecycles to protect data, operations, brand and stakeholder trust.
Responsibilities- Lead security intake for Supply Chain & Consumer/Commercial workstreams in scope ensure timely assessment, prioritization and routing of information security requests and issues.
- Act as the regional escalation point to the Sector BISO and Global Information Security for gaps, risk exposures and remediation plans track closure and report status.
- Provide security advisory across project lifecycles (planning deployment operations), including ISA onboarding, secure design reviews and security requirement definition.
- Drive vulnerability management and remediation coordination with owners and Deployment Leads validate mitigations and report risk reduction.
- Support Application Risk Assessments, legacy remediation and DevSecOps coaching for Supply Chain engineering teams.
- Manage third party security interactions: assessments, remediation tracking and collaboration with TPRM and blockchain provenance teams.
- Support Incident Response and Enterprise Incident Management locally coordinate stakeholders, containment and post incident remediation.
- Own stakeholder engagement and awareness: design and deliver security content, training, and governance briefings to gain business buy in.
- Contribute to M&A/JV due diligence and onboarding for security posture, particularly for bottlers, suppliers and technology integrations.
- Ensure security considerations for data residency/GCC processing and Beyond the Bottle device lifecycles are considered.
Role activity balance (approximate)
- Operational & Executional: 50% (work intake, remediation coordination, incident support, TPRM execution)
- Tactical: 35% (project advisory, stakeholder engagement, process improvements, training)
- Strategic: 15% (policy alignment, capability uplift, regional security roadmaps and M&A enablement)
Decision making autonomy
- Medium: empowered to make technical and process decisions within agreed policy limits escalating higher risk or policy exceptions to Sector BISO.
Supervision required - Low to Medium: operates independently day to day receives directional guidance and policy/strategy from Sector BISO and Global Security leads.
Role complexity
- High: cross domain technical breadth (application security , infrastructure security, IoT, blockchain, cloud, identity), regulatory complexity (cross border data, GCCs), multi jurisdiction stakeholder landscape, and process+system risk focus.
Cross functional interactions
- High: frequent collaboration with Supply Chain ops, Deployment Leads, Data Science/Analytics, IT/Cloud, Legal & Privacy, Procurement/TPRM, Compliance, HR (insider/process controls), Finance (CAPEX/Project funding), Commercial and Marketing for product/program enablement.
Success measures / KPIs (examples)
- % remediation actions closed within SLA reduction in open critical vulnerabilities across scope % key partners with acceptable security posture reduction in risk in new engagements and secure from Start
QualificationsTechnical Skills:
- 7-12 years of experience - Senior professional with significant, with broad and deep expertise in their field.
- Experience with security architecture, application riskanalysis, vulnerability management, data classification, CIS Top 20 Critical Controls
- CISM, CISSP, GIAC certifications preferred
- Well versed in NIST Cybersecurity Framework
- Well versed in Agile development methodology andDevSecOps framework
Non Technical Skills:
- Bachelor's degree required
- Written/spoken English proficiency required
- Strong interpersonal and oral communication skills
- Ability to translate highly technical information into business friendly language
- High level of analytical and problem-solving abilities
Differentiated Competencies:
- Highly self-motivated and directed.
- Strong organizational skills.
- Excellent attention to detail.
- Experience working in a team-oriented, collaborative environment.
- Willing can do attitude
- Ability to manage multiple priorities and work acrossmultiple organizations and teams
