7100 Corporate Drive
Plano, TX 75023
Information Security Analyst – Pizza Hut US
As an Information Security Analyst working within Pizza Hut and as part of the Yum Global Technology Risk Management team, you will have the opportunity to be involved in all areas of Information Security for Pizza Hut's US Business, from Restaurants to our Ecommerce systems and third party solutions.
As an Information Security Analyst you will have interactions with members of the Pizza Hut technology leadership team and their technology teams, key business unit stakeholders, and collaborate with other highly regarded security professionals from the Global Technology Risk Management team.
While mainly working in Linux and Cloud environments within Amazon Web Services (AWS) and Google Cloud Platform (GCP) you will be an individual contributor responsible for researching, designing, engineering, implementing and supporting information security technologies. Your primary duties will allow you to use your in-depth technical knowledge to help manage and enhance the security posture of our internal systems and third party solutions. Occasional on-call duties may be required.
Daily responsibilities may include the following:
* Provide security architectural advice and guidance
* Threat and Vulnerability management process oversight and communicate threat and vulnerability observations clearly to leaders and subject matter experts properly relaying risk factors
* Oversee the conduct of periodic IT systems risk assessments and control validation.
* Assist in vendor due diligence, questionnaires, contracts and onsite reviews.
* Partner with business and IT to ensure that risks are clearly articulated in a manner that is understood by business and technology audiences
* Initiate, facilitate, and promote activities to create information security awareness within the company.
* Assist in Coordinating stakeholders across Pizza Hut to socialize and drive change regarding IT compliance and risk management
* Apply leading-edge principles, theories, and concepts to the development, maintenance, and implementation of information security standards, procedures, and guidelines.
* Investigate any misuse or improper actions relating to IT, security, or compliance activities.
* Supports internal and external audit activities and remediation requirements.
* Ensure the ongoing integration of information security architecture with business strategies and privacy requirements
* Research and implement new technologies as required to support the ever changing security landscape
* Advanced understanding of network protocols
* Proven experience in designing and building enterprise security services such as Identity and Access Management, Privileged Access Management, Certificate and Key Management, Data Protection, and Vulnerability Management
* Strong knowledge of security best practices for web application design, development, and testing techniques preferred
* Experienced in API architecture and implementation, with API security hardening, security assessment and monitoring experience preferred
* Familiar with Incident Response processes and incident response table top exercise.
* Develop security metrics and produce security reporting including dashboard.
* Understanding of information security architecture and ethical hacking
* Previous professional experience with enterprise SIEM is required (IBM QRadar preferred)
* Experience with PCI and audits is required
* Knowledge of SANS 20 Security Controls, NIST 800-53, SOC 2 Type II, ISO 27001/02 etc.
* Ability to explain detailed findings to non-technical professionals
* Excellent report writing and presentation skills
* Able to work independently but also as part of a team
* Flexibility to change direction and manage conflicting demands
* Outstanding organizational and data analytics skills
* Comfortable working multiple projects
* Cloud experience is preferred
* Scripting and programming (python/regex) experience preferred
* Knowledge of Infrastructure as code/Terraform is preferred
* Bachelor's degree preferred
* One or more of these –CISSP, GCIH, GWAPT, a Native Cloud Security certification (AWS or GCP), or similar
* Additional certification like PMP a plus
Who We Are
Founded in 1958, Pizza Hut - a subsidiary of Yum! Brands, Inc. - now operates more than 18,000 restaurants in more than 100 countries. Pizza Hut is leading the way in providing customers with great experiences, innovating with technology and new products, as well as delivering exceptional service.
Our People & Culture
We're looking for people who LOVE pizza and thrive in a fun, past paced, and customer-centric environment. At our corporate campuses, Pizza Hut has created the perfect place for you to grow your career. Every day, you'll work to support our franchisees and teams across the U.S., continuously challenging yourself to feed more possibilities. In return, we'll provide professional development and career growth opportunities so that you can become your best and achieve your goals. And we'll sweeten the deal by immersing you in our world-class recognition culture and providing a robust array of benefits, some highlights include:
* 4 weeks PTO, plus standard holidays and time off to volunteer
* Generous parental leave (16 weeks for moms, 6 weeks for dads)
* 401(k) with 6% match, vested immediately
* On-site daycare
* 24/7 fitness center with laundry services
* Half-day Fridays, year round
As a global company, Pizza Hut aims to make the world better by acting responsibly with respect to food, planet and people. Whether it's donating food through the Harvest Program or supporting literacy with the Pizza Hut BOOK IT! Program – the company, our franchisees and our team members are committed to improving the communities we serve.
Pizza Hut is an equal opportunity workplace and committed to fostering an inclusive, diverse culture. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex (including pregnancy, sexual orientation, or gender identity), national origin, age, disability and genetic information (including family medical history).