Overview:
The Cybersecurity Incident Response Analyst is responsible for the response to security incidents, threats, and vulnerabilities. Within the Cyber Fusion Center organization, this role requires the ability to fully engage in all phases of the incident lifecycle, including the skills to analyze event logs, computer artifacts, and other data sources to contain and resolve incidents or events, provide recommendations for remediation, and determine the root cause.

Responsibilities:

• Identify, respond to, and mitigate sophisticated threats to PepsiCo computer networks.
• Conduct incident response activities, including advanced investigation (forensic, malware analysis, etc.) to investigate potential intrusions and develop remediation guidance.
• Perform the activities necessary for the immediate, short-term, rapid resolution of incidents to minimize production downtime and risk exposure.
• Maintain a professional communicative relationship with clients and management to provide information throughout the incident, problem, and change management cycles.
• Coordinates and drives efforts among multiple business units during response activities and post-mortem.
• Proactive monitoring of client environments using specialized security applications.
• Provide comprehensive and accurate information to the Incident Response Manager for case reporting.
• Develop the requisite expertise, knowledge, and ability to perform independently.
• Contribute to the team’s knowledge base enhancements and process improvements, in order to ensure response activities align with best practices, minimize gaps in response, and provide comprehensive mitigation of threats.
• Participation in after-hours on-call rotation when required.

COMPENSATION & BENEFITS:

• The expected compensation range for this position is between $69,900 - $117,000.
• Location, confirmed job-related skills, experience, and education will be considered in setting actual starting salary. Your recruiter can share more about the specific salary range during the hiring process.
• Bonus based on performance and eligibility target payout is 5% of annual salary paid out annually.
• Paid time off subject to eligibility, including paid parental leave, vacation, sick, and bereavement.
• In addition to salary, PepsiCo offers a comprehensive benefits package to support our employees and their families, subject to elections and eligibility: Medical, Dental, Vision, Disability, Health, and Dependent Care Reimbursement Accounts, Employee Assistance Program (EAP), Insurance (Accident, Group Legal, Life), Defined Contribution Retirement Plan.

Qualifications:

• 3+ years of work experience in information security, especially in an Information operations/incident role.
• Bachelor’s or master’s degree in information technology or related discipline or having equivalent work experience.
• Relevant technical security certifications (GIAC, EC-Council, ISC-2, etc.).
• Hands-on troubleshooting, analysis, and technical expertise to resolve incidents and service requests; previous experience in troubleshooting day-to-day
• operational processes such as security monitoring, data correlation, security operations, etc.
• Proven experience performing analysis of security events and incidents, to determine root cause and provide resolution; working experience against advanced persistent threats is well seen.
• Strong working knowledge of at least three of the following security tools: host-based antivirus, anti-spam gateway solutions, firewalls, IDS/IPS, server and network device hardening, data loss prevention, forensics software, vulnerability management, website security.
• Competence in using both internal and external ticketing systems for ITIL-based incident, problem, and change management.
• Solid customer orientation with excellent oral and written communication skills.
• A team-focused mentality with the proven ability to work effectively with diverse stakeholders.
• An ability to effectively influence others to modify their opinions, plans, or behaviors.
• Proactive attitude, seeking improvement opportunities that can positively impact the security posture and the business.
• An ability to work extremely well under pressure while maintaining a professional image and approach.
• Decision-making capabilities, with an ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one.
• Very good English, both written and spoken.

:
Our Company will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of the Fair Credit Reporting Act, and all other applicable laws, including but not limited to, San Francisco Police Code Sections 4901-4919, commonly referred to as the San Francisco Fair Chance Ordinance; and Chapter XVII, Article 9 of the Los Angeles Municipal Code, commonly referred to as the Fair Chance Initiative for Hiring Ordinance.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, or disability status.
PepsiCo is an Equal Opportunity Employer: Female / Minority / Disability / Protected Veteran / Sexual Orientation / Gender Identity
If you’d like more information about your EEO rights as an applicant under the law, please download the available EEO is the Law & EEO is the Law Supplement documents. View PepsiCo EEO Policy.
Please view our Pay Transparency Statemen

• Identify, respond to, and mitigate sophisticated threats to PepsiCo computer networks.
• Conduct incident response activities, including advanced investigation (forensic, malware analysis, etc.) to investigate potential intrusions and develop remediation guidance.
• Perform the activities necessary for the immediate, short-term, rapid resolution of incidents to minimize production downtime and risk exposure.
• Maintain a professional communicative relationship with clients and management to provide information throughout the incident, problem, and change management cycles.
• Coordinates and drives efforts among multiple business units during response activities and post-mortem.
• Proactive monitoring of client environments using specialized security applications.
• Provide comprehensive and accurate information to the Incident Response Manager for case reporting.
• Develop the requisite expertise, knowledge, and ability to perform independently.
• Contribute to the team’s knowledge base enhancements and process improvements, in order to ensure response activities align with best practices, minimize gaps in response, and provide comprehensive mitigation of threats.
• Participation in after-hours on-call rotation when required