Security Standards Consultant
As the Cybersecurity Standards Consultant, you’ll help build a secure environment for our Company. This position will create and maintain Cybersecurity standards, measure and drive the maturity of existing standards, and work with stakeholders to ensure standards meet the requirements of a changing risk landscape. We are looking for people who have a passion for building relationships and will be proud to be a representative of our brands, are results-driven, and are excited to expand cybersecurity capabilities.
What You’ll Do For Us
- Create, manage, and publish Global Cybersecurity Standards and related policies, including S Baselines, Pentest Standards, Patch Standards/Policies, Cloud and Infrastructure Cybersecurity Standards, SDLC application development standards, and processes.
- Ensuring Cybersecurity Standards map back to and support existing Company policy. Review, modify as required, and publish CIS or similar standards for usage within the Company’s environment.
- Measure the maturity of Cybersecurity Standards by mapping back to frameworks such as MITRE ATT&CK. Leverage common/industry-accepted language found in frameworks (like MITRE ATT&CK) to provide a uniform way to interpret definitions and capabilities.
- Ensure the tools we use to assess configurations and vulnerabilities leverage the standards we define.
- Engage with stakeholders to understand the potential impact across the business. Stay current with industry research to ensure the Company’s security standards are modern and responsive to new developments and trends.
- Export knowledge, experience, and processes to our bottling and business partners to build cross-connected capabilities throughout the Coca-Cola System.
Bachelor’s degree or equivalent work experience is required.
Related Work Experience:
Must possess at least two years of experience with:
- CIS controls, benchmarks, and customizations to suit specific environments and risk profiles.
- MITRE framework and developing standards that map tools and capabilities back to the framework.
- Standards or Policy development
- Experience as a Technical Editor, Technical Author, or Technical Writer
- Must possess the ability to seek alternatives and recommend best solutions that gain all parties support and lead to win-win results
- Knowledge of IT and IT Security practice or principles
- Must be able to improve cybersecurity posture by improving standards to balance risk against implementation cost and business requirements
What We Can Do For You
- Innovation & Technology: The ability to work with an award-winning team that is on the cutting edge of innovation.
- Exposure to World Class Leaders: Availability to global technology leaders that will expand your network and exposure you to emerging technologies and techniques.
- Agile Work Environment: We embrace agile, with management that believes in removing barriers, so you are empowered to experiment, iterate, and innovate.
Cybersecurity Controls; MITRE ATT&CK Framework; Cyber Security Standards; Cybersecurity
Our Purpose and Growth Culture:
We are taking deliberate action to nurture an inclusive culture that is grounded in our company purpose, to refresh the world and make a difference. We act with a growth mindset, take an expansive approach to what’s possible and believe in continuous learning to improve our business and ourselves. We focus on four key behaviors – curious, empowered, inclusive and agile – and value how we work as much as what we achieve. We believe that our culture is one of the reasons our company continues to thrive after 130+ years. Visit Our Purpose and Vision to learn more about these behaviors and how you can bring them to life in your next role at Coca-Cola.
We are an Equal Opportunity Employer and do not discriminate against any employee or applicant for employment because of race, color, sex, age, national origin, religion, sexual orientation, gender identity and/or expression, status as a veteran, and basis of disability or any other federal, state or local protected class. When we collect your personal information as part of a job application or offer of employment, we do so in accordance with industry standards and best practices and in compliance with applicable privacy laws.