Info Security Assoc Manager

Overview:**We Are PepsiCo**Join PepsiCo and Dare for Better We are the perfect place for curious people, thinkers and change agents. From leadership to front lines, we're excited about the future and working together to make the world a better place.Being part of PepsiCo means being part of one of the largest food and beverage companies in the world, with our iconic brands consumed more than a billion times a day in more than 200 countries.Our product portfolio, which includes 22 of the world's most iconic brands, such as Sabritas, Gamesa, Quaker, Pepsi, Gatorade and Sonrics, has been a part of Mexican homes for more than 116 years.A career at PepsiCo means working in a culture where all people are welcome. Here, you can dare to be you. No matter who you are, where you're from, or who you love, you can always influence the people around you and make a positive impact in the world.**Know more**:PepsiCoJobs**Join PepsiCo, dare for better.****Responsibilities**:**The Opportunity**The Information Security Assessment (ISA) Lead - AI/ML Engineer is responsible for safeguarding PepsiCo’s digital assets by assessing the compliance of new and changing systems against information security requirements and driving the integration of AI-driven automation and agentic intelligence within the ISA program.This role bridges Cybersecurity, Risk Management, and AI engineering, enabling secure delivery of PepsiCo’s technology solutions through risk-based assessments, intelligent automation, and data-driven decision-making. The ISA Lead partners with Information Security, AI/ML, Architecture, and DevSecOps teams to modernize assessment processes, develop AI agents, and strengthen PepsiCo’s global security posture.**Your Impact**As Info Security Assoc Manager your scope would consist of:- AI & Automation Enablement: Develop and deploy AI-powered tools and conversational agents that enhance ISA workflows such as automated data collection, risk summarization, and control validation. Utilize OpenAI, Azure AI, ServiceNow agentic AI, Crew.ai, Copilot Studio, or LangChain to create intelligent assistants that augment human assessments and improve cycle time and accuracy.- Risk Communication: Identify, quantify, and communicate technology risks and vulnerabilities to both technical and business stakeholders. Explain scan, penetration test, and AI-analysis results in clear business language and recommend effective mitigation strategies.- Project Lifecycle Reviews: Review designs and controls across project phases to ensure security and privacy requirements are met. Recommend compensating controls and influence adoption of secure architectures within Agile and DevOps pipelines.- Data & Knowledge Engineering: Leverage vector databases (e.g., Azure Cognitive Search, Pinecone, Weaviate) and Retrieval-Augmented Generation (RAG) techniques to enhance risk knowledge retrieval, automate control mapping, and contextualize ISA findings.- Metrics Management & Reporting: Manage operational metrics for ISA and GRC programs using ServiceNow and Power BI dashboards to visualize throughput, SLA adherence, and residual risk trends. Drive data-driven improvements and transparency in assessment performance.- Collaboration & Education: Collaborate across Information Security, AI, IT, and business functions to ensure understanding and adherence to security standards. Champion the adoption of AI-driven solutions and Responsible AI practices within the security domain.- Continuous Improvement & Proactive Security: Govern ISA processes through continuous optimization and innovation. Stay current with emerging threats, AI ethics, and cloud security trends, embedding intelligence and automation into assessment and governance practices.Qualifications:**Who Are We Looking For?****Experience**:A minimum of 5 years of experience in Information Security, IT Risk Management, Security Architecture, or AI/ML driven automation roles.**Mandatory Technical Skills**:- Strong understanding of information security frameworks and standards (NIST 800-53, ISO 27002, CIS, OWASP, MITRE ATT&CK).- Experience with AI/ML tools and APIs such as OpenAI, Azure AI, Crew.ai, Copilot Studio, LangChain, or similar.- Proficient in Power BI for data visualization, KPI tracking, and executive reporting.- Foundational scripting or development experience (Python, JavaScript).- Familiarity with vector databases and RAG-based knowledge retrieval techniques.- Strong understanding of Azure, AWS, Salesforce, ServiceNow, or SAP security principles.- Ability to interpret and explain vulnerability and penetration testing results clearly to mixed audiences.**Mandatory Non-Technical Skills**:- Proven ability to influence and educate stakeholders on cybersecurity and AI best practices.- Recognized as a trusted advisor capable of representing PepsiCo Information Security in multi-disciplinary technical discussions.- Strong communication and presentation