OT Cybersecurity Compliance Specialist
Description:
Note: This position will be a Hybrid position, 3 days onsite and 2 days remote in Plano TX.
Overview
The OT Cybersecurity Compliance Specialist role partners with sector cyber risk owners to drive sector supply chain compliance to Cybersecurity Policy and OT-specific standards and controls. This role will ensure OT controls testing and compliance initiatives are completed and will guide risk owners through the Cybersecurity OT Issues and Exceptions process. The role will provide support for process improvement initiatives through analysis, documentation, and testing.
Responsibilities
The OT Cybersecurity Compliance Specialist role partners with sector cyber risk owners to drive sector supply chain compliance to Cybersecurity Policy and OT-specific standards and controls. This role will ensure OT controls testing and compliance initiatives are completed and will guide risk owners through the Cybersecurity OT Issues and Exceptions process. The role will provide support for process improvement initiatives through analysis, documentation, and testing.
Provide training and insights to Sector OT Leads on OT cybersecurity standards, controls, compliance, metrics, and reporting
Partner with OT Sector Leads to drive compliance with PepsiCo OT-specific standards and controls
Monitor and drive control testing at local plants (i.e., anti-virus, system patching, backups, recovery and reconstitution, asset inventory)
Guide OT Sector Leads to submit and monitor information security exceptions and risk remediations
Review supplier compliance to PepsiCo standards and services; recommend performance improvements
Partner with InfoSec to provide OT-specific requirements related to process design and modifications
Analyze OT cybersecurity metrics; Provide report requirements that identify sector cyber risks
Ensure OT reporting and dashboard metrics are accurate through data validation
Provide manager insight into sector and plant risk issues and risk mitigations; Recommend actions for improvement
Qualifications
A minimum of a bachelor's degree (BA or BS) in any related field is required
3+ years of Cyber/Information Security or OT/Manufacturing operations
3+ years working with policy and standards (e.g., IEC 62443/ISA 99, NIST SP 800-82, NIST SP 800-53, NIST CSF, ISO27001, COBIT)
3+ years of experience in governance, compliance, and risk processes, or audit assessments
Proficiency in assessing and managing risks, including identifying vulnerabilities, evaluating potential threats, and implementing risk mitigation strategies.
Proficiency in analyzing and interpreting data related to compliance audits, assessments, and monitoring activities.
Proficient in Microsoft suite of tools – Excel (pivot tables), Word, PowerPoint, Power BI
Proficient in search engines and research
Experience partnering and collaborating with global teams having various responsibilities
Ability to drive results and build consensus with internal and external stakeholders
Strong process efficiency and procedure development skills
Excellent verbal and written communication skills
Exceptional analytical and problem-solving skills
Preferred: CISM, CISSP, ISA/IEC 62443 certification