OT Cybersecurity Compliance Specialist

OT Cybersecurity Compliance Specialist role partners with sector cyber risk owners to drive sector supply chain compliance to Cybersecurity Policy and OT-specific standards and controls. This role will ensure OT controls testing and compliance initiatives are completed and will guide risk owners through the Cybersecurity OT Issues and Exceptions process. The role will provide support for process improvement initiatives through analysis, documentation, and testing.

The OT Cybersecurity Compliance Specialist role partners with sector cyber risk owners to drive sector supply chain compliance to Cybersecurity Policy and OT-specific standards and controls. This role will ensure OT controls testing and compliance initiatives are completed and will guide risk owners through the Cybersecurity OT Issues and Exceptions process. The role will provide support for process improvement initiatives through analysis, documentation, and testing.

• Provide training and insights to Sector OT Leads on OT cybersecurity standards, controls, compliance, metrics, and reporting.
• Partner with OT Sector Leads to drive compliance to PepsiCo OT-specific standards and controls.
• Monitor and drive control testing at local plants (i.e., anti-virus, system patching, backups, recovery and reconstitution, asset inventory).
• Guide OT Sector Leads to submit and monitor information security exceptions and risk remediations.
• Review supplier compliance to PepsiCo standards and services; recommend performance improvements.
• Partner with InfoSec to provide OT-specific requirements related to process design and modifications.
• Analyze OT cybersecurity metrics; Provide report requirements that identify sector cyber risks.
• Ensure OT reporting and dashboard metrics are accurate through data validation.
• Provide manager insight to sector and plant risk issues and risk mitigations; Recommend actions for improvement.

Compensation and Benefits:

• The expected compensation range for this position is between $89,000 - $149,000.
  
• Location, confirmed job-related skills, experience, and education will be considered in setting actual starting salary. Your recruiter can share more about the specific salary range during the hiring process.
  
• Bonus based on performance and eligibility target payout is 10% of annual salary paid out annually.
  
• Paid time off subject to eligibility, including paid parental leave, vacation, sick, and bereavement.
  
• In addition to salary, PepsiCo offers a comprehensive benefits package to support our employees and their families, subject to elections and eligibility: Medical, Dental, Vision, Disability, Health, and Dependent Care Reimbursement Accounts, Employee Assistance Program (EAP), Insurance (Accident, Group Legal, Life), Defined Contribution Retirement Plan.

• Minimum of bachelor's degree (BA or BS) in any related field is required.
• 3+ years of Cyber/Information Security or OT/Manufacturing operations.
• 3+ years working with policy and standards (e.g. IEC 62443/ISA 99, NIST SP 800-82, NIST SP 800-53, NIST CSF, ISO27001, COBIT).
• 3+ years of experience in governance, compliance, and risk processes, or audit assessments.
• Proficiency in assessing and managing risks, including identifying vulnerabilities, evaluating potential threats, and implementing risk mitigation strategies.
• Proficiency in analyzing and interpreting data related to compliance audits, assessments, and monitoring activities.
• Proficient in Microsoft suite of tools – Excel (pivot tables), Word, PowerPoint, Power BI.
• Proficient in search engines and research.
• Experience partnering and collaborating with global teams having various responsibilities.
• Ability to drive results and build consensus with internal and external stakeholders.
• Strong process efficiency and procedure development skills.
• Excellent verbal and written communication skills.
• Exceptional analytical and problem-solving skills.
• Preferred: CISM, CISSP, ISA/IEC 62443 certification.

Our Company will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of the Fair Credit Reporting Act, and all other applicable laws, including but not limited to, San Francisco Police Code Sections , commonly referred to as the San Francisco Fair Chance Ordinance; and Chapter XVII, Article 9 of the Los Angeles Municipal Code, commonly referred to as the Fair Chance Initiative for Hiring Ordinance.

All qualified applicants will receive consideration for employment without regard to age, race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, or disability status.

PepsiCo is an Equal Opportunity Employer: Female / Minority / Disability / Protected Veteran / Sexual Orientation / Gender Identity.

If you'd like more information about your EEO rights as an applicant under the law, please download the available EEO is the Law & EEO is the Law Supplement documents. View PepsiCo EEO Policy.

Please view our Pay Transparency Statement.