Job Information

The Coca-Cola Company Information Security Lead in Atlanta, Georgia

Position Overview: The Information Security Lead at The Coca-Cola Company will be a part of the Global Cybersecurity team. In this role you will drive initiatives to improve the security posture of Company operating units (OU), production plants, subsidiaries, and franchise bottlers in North America. The successful candidate will deliver this mission by understanding the Global Cybersecurity strategy and roadmap and executing it through collaboration across Technology Services, Global Cybersecurity internal functions, and franchise bottler IT teams, to deliver measurable results for The Coca-Cola System. The successful delivery of your responsibilities will ensure that the business is equipped with the necessary programs, services, and solutions to securely achieve their business goals. The position will work cross functionally within our networked organization and global System, and reports to the Global Lead of Cyber Services, with clear networked relationships to OU and Functional leadership in this geography.

Function Related Activities/Key Responsibilities

  • Franchise Bottler Engagement

  • Develop and maintain relationships with key security and IT executives at bottlers in your geography.

  • Understand and support the business and IT strategies at each bottler in your geography.

  • Assist bottlers in your geography with the development of their cybersecurity roadmap and the overall improvement in their cyber security program.

  • Participate as an active member of the cybersecurity subcommittee in support of delivering cybersecurity initiatives for the improvement of bottlers across the System.

  • Operating Unit Support

  • Develop and maintain relationships with key IT and business leadership and stakeholders across your supported operating units.

  • Understand and support key business and IT strategies across your supported operating units.

  • Understand and communicate key Global Cybersecurity activities across your supported operating units, such as cybersecurity awareness, third party risk, and incident response. Specifically, be an extension of the Global Cybersecurity team and coordinate similar activities in your geography to help bridge time zones.

  • Organize local security summits in your geography, in conjunction with global security summits that are organized by the Global Cybersecurity team.

  • Promote company security requirements and guidelines to IT stakeholders and ensure they have the knowledge to apply them appropriately.

  • Understand and support the delivery of key applications and programs within your supported operating units.

  • Corporate Liaison

  • Develop and maintain relationships with key IT and business leadership and stakeholders across the enterprise.

  • Understand and support key business and IT strategies across the enterprise and facilitate alignment across your supported OUs.

  • Facilitate collaboration of leadership and subject matter experts across the enterprise and within your supported OUs.

Education Requirements:

  • Bachelor’s Degree in Appropriate Field Required.

  • Relevant industry certification preferred – CISA, CRISC, CISSP and/or CISM. AWS Associate or Professional Certifications and/or MCSE: Cloud Platform and Infrastructure.

Related Work Experience:

  • 10 to 12 years of work experience in governance, risk, compliance and cloud security or relevant related field.

  • Audit and control experience with information technology audit practices, procedures, and methodologies. Experience as an IT auditor or risk advisor for a professional services firm, or in industry.

  • Technical understanding of Amazon virtual private clouds (VPCs), security groups, network access controls lists (ACLs), AWS IAM and/or Microsoft Azure virtual networks, network security groups, security rules, and Azure AD.

  • Technical experience designing, implementing, and/or supporting enterprise technology solutions.

  • Technical experience identifying and mitigating risk using comprehensive security controls and technologies.

  • Ability to communicate to and influence senior management and technical subject matter experts.

  • Excellent communication and presentation skills, as well as ability to present to various levels of IT and business leadership.

Leadership Behaviors:

DRIVE INNOVATION: Generate new or unique solutions and embrace new ideas that help sustain our business (encompassing everything from continuous improvement to new product and package innovation)

COLLABORATE WITH SYSTEM, CUSTOMERS, and OTHER STAKEHOLDERS: Develop and leverage relationships with stakeholders to appropriately stretch and impact the System (Company and Bottler)

ACT LIKE AN OWNER: Deliver results, creating value for our brands, our System, our customers and key stakeholders

INSPIRE OTHERS: Inspire people to deliver our mission and 2020 Vision, demonstrate passion for the business and give people a reason to believe anything is possible

DEVELOP SELF AND OTHERS: Develop self and support others’ development to achieve full potential

Growth Behaviors:

  • Growth Mindset: Demonstrates Curiosity. Welcomes failure as a learning opportunity.

  • Smart Risk: Makes bold decisions/recommendations

  • Externally Focused: Understands the upstream and downstream implications of his/her work. Tracks and shares external trends, best practices, or ideas.

  • Performance Driven & Accountable: Has high performance standards. Outperforms her/his peers.

  • Fast/Agile: Removes barriers to move faster. Experiments and adapts. Thrives under pressure and fast pace.

  • Empowered: Brings solutions instead of problems. Challenges the status quo. Has the courage to take an unpopular stance.

Functional Skills:

  • Manage or participate in cross-functional teams to promote technology strategies, analyze and test products, or perform pilot and first implementations of new technologies in order to integrate new technologies into the Company's Global infrastructure.

  • Develop or deliver standards-related training or architecture updates (e.g., hardware, methodology, software packages, business data, security, retention, delivery methods and tools) to stakeholders (e.g., stewards, custodians, SAP power users, application teams) in order to ensure standards compliance and quality master data.

  • Orchestrate the deployment of resources (e.g., people, infrastructure, financial, informational) from Coca-Cola (e.g., client, internal service providers) and third parties in order to ensure successful project completion.

  • Create a communications plan (e.g., memos, letters, plan review meetings, status lists) to ensure frequent, accurate and timely communication to all stakeholders and to solidify commitment to the project plan.

  • Prepare overall implementation plans, including a detailed schedule of all activities (e.g., data conversions, cutover activities, security assignments, training, testing) and the assignment of appropriate resources, in order to move the application into a production environment.

Our Purpose and Growth Culture:

We are taking deliberate action to nurture an inclusive culture that is grounded in our company purpose, to refresh the world and make a difference. We act with a growth mindset, take an expansive approach to what’s possible and believe in continuous learning to improve our business and ourselves. We focus on four key behaviors – curious, empowered, inclusive and agile – and value how we work as much as what we achieve. We believe that our culture is one of the reasons our company continues to thrive after 130+ years. Visit Our Purpose and Vision to learn more about these behaviors and how you can bring them to life in your next role at Coca-Cola.

We are an Equal Opportunity Employer and do not discriminate against any employee or applicant for employment because of race, color, sex, age, national origin, religion, sexual orientation, gender identity and/or expression, status as a veteran, and basis of disability or any other federal, state or local protected class. When we collect your personal information as part of a job application or offer of employment, we do so in accordance with industry standards and best practices and in compliance with applicable privacy laws.