IT Manager, Incident Handler

Job Description

Overview
– The Incident Handler is responsible for the response to
security incidents, threats and vulnerabilities within the
Cyber Fusion Center organization.
– This role requires the ability to fully engage in all
phases of the incident lifecycle, including the skills to
analyse event logs, computer artifacts, and other data
sources to contain and resolve incidents or events,
provide recommendations for remediation and determine
the root cause.
Responsibilities
– Identify, respond to, and mitigate sophisticated threats to
PepsiCo computer networks.
– Conduct incident response activities, including
advanced investigation (forensics, malware analysis, etc.)
to investigate potential intrusions and develop
remediation guidance.
– Perform the activities necessary for the immediate,
short-term rapid resolution of incidents to minimize
production downtime and risk exposure.
– Maintain a professional communicative relationship
with clients and management to provide information
throughout the incident, problem, and change
management cycles.
– Coordinate and drive efforts among multiple
business units during response activities and postmortem.
– Proactively monitor client environments using
specialized security applications.
– Provide timely, comprehensive and accurate
information to Information Security leadership in both
written and verbal communications.
– Develop the requisite expertise, knowledge, and ability
to perform independently.
– Routinely develop and update incident response
playbooks to ensure response activities align with best
practices, minimize gaps in response and provide
comprehensive mitigation of threats.
– Participate in after-hours on-call rotation when
required.
– Bring up innovative ideas, based on your own
experience or information gathered from external
communities, and actively participate in the Incident
Response function’s growth.
– Collaborate with CFC teams on project execution and
PepsiCo security improvements.
– Support the production of detailed technical reports
and presentations related to digital investigations.
– Ensure team success through organizational,
functional, and team alignment towards team mission
and objectives.
– Champion and embed GCS understanding, control,
ownership and execution within GCR to achieve an
effective audit rating.
Qualifications
– 4+ years of work experience in information security,
especially in an information operations / incident role.
– Bachelor's or master's degree in Information Technology
or related discipline.
– Relevant technical security certifications
(GIAC, EC-Council, CompTIA, etc.) are a plus.
– Hands-on troubleshooting, analysis, and technical
expertise to resolve incidents and service requests;
previous experience in troubleshooting day-to-day
operational processes such as security monitoring, data
correlation, security operations, etc.
– Proven experience performing analysis of security
events and incidents, to determine root cause and
provide resolution.
– Hands-on digital forensic and/or malware analysis
experience is a plus.
– Working knowledge of at least three of the following
security tools: host-based antivirus, anti-spam gateway
solutions, firewalls, IDS/IPS, server and network device
hardening, data loss prevention, forensics software,
vulnerability management, website security.
– Competence in using both internal and external
ticketing systems for ITIL-based incident, problem and
change management.
– Solid customer orientation with excellent oral and
written communication skills.
– A team-focused mentality with the proven ability to
work effectively with diverse stakeholders.
– An ability to effectively influence others to modify their
opinions, plans, or behaviors.
– Proactive attitude, seeking improvement
opportunities which can positively impact the security
posture and the business.
– An ability to work extremely well under pressure while
maintaining a professional image and approach.
– Decision-making capabilities, with an ability to weigh
the relative costs and benefits of potential actions and
identify the most appropriate one.
– Very good English, both written and spoken.
