About PepsiCo

PepsiCo is one of the world's leading food and beverage companies, with an extensive portfolio of iconic brands including Pepsi, Lay's, Gatorade, and Quaker. Operating in over 200 countries, PepsiCo employs more than 300,000 people globally and generates annual revenues exceeding $90 billion. In Poland, PepsiCo has a strong presence with manufacturing facilities, distribution networks, and innovation hubs, contributing significantly to the local economy. As a forward-thinking employer, PepsiCo invests heavily in sustainability, digital transformation, and cybersecurity to protect its operations and customer data. Joining PepsiCo means becoming part of a dynamic team that values innovation, integrity, and impact.

Role Overview

The Cybersecurity PCI Governance Lead position in Warszawa, Poland, is a critical role within PepsiCo's Cybersecurity organization. This individual contributor role reports to the CISO and focuses on ensuring unwavering adherence to Payment Card Industry Data Security Standard (PCI DSS). You will serve as the primary liaison with the PCI Governance Committee, providing strategic guidance, oversight, and coordination across cybersecurity and business teams. Your efforts will drive compliance initiatives, manage risk alignment, and support program execution to safeguard PepsiCo's payment processing ecosystems. This role demands a proactive approach to maintaining governance frameworks, supporting assessments, advising on policy updates, and fostering awareness through targeted trainings. With PepsiCo's global scale, you'll handle complex interactions with business units, third-party partners, and external auditors, making a tangible difference in organizational compliance posture.

Strategic Impact

In this position, you'll play a pivotal role in mitigating risks associated with credit card handling technologies used by PepsiCo and its partners. By monitoring remediation activities, conducting control effectiveness checks, and promoting best practices, you'll help PepsiCo maintain its reputation as a secure and trustworthy brand in the food and beverage sector.

Key Responsibilities

As Cybersecurity PCI Governance Lead, your day-to-day will involve a blend of strategic oversight and hands-on coordination:

• Support the CISO in PCI Program management, including coordinating the PCI Governance Committee and maintaining up-to-date policies.
• Collect and aggregate PCI compliance information from all business units for centralized, executive-level reporting.
• Collaborate with the Cybersecurity PCI Assessment team and business units on assessment and remediation activities.
• Monitor PCI compliance remediation progress through weekly meetings with assessment teams and periodic sessions with business owners.
• Enhance PCI compliance awareness among PepsiCo associates via targeted trainings and communication campaigns.
• Conduct ongoing checks for the effectiveness of PCI DSS-related controls across business units.
• Serve as the custodian for all PCI Program documentation, ensuring accuracy and accessibility.
• Provide expert guidance to business teams and program management to sustain PCI DSS compliance.
• Work within the PCI Governance structure to identify innovative solutions and adapt to evolving standards like PCI DSS 4.0 and beyond.

Qualifications & Requirements

To excel in this role, candidates must bring proven expertise in PCI compliance:

• 3-5 years of PCI (or similar) individual contributor assessment experience.
• Detailed knowledge of PCI DSS 4.0 requirements, interpretations, and assessment approaches; ongoing maintenance of PCI ISA (Internal Security Assessor) certification via annual training and exams is required post-onboarding.
• Strong understanding of diverse technologies and architectures used by PepsiCo and its external partners, with insight into information security risks.
• Proficiency in information security requirements within contracts with global third parties handling credit cards.
• Knowledge of credit card handling technologies to assess impacts and support business objectives.
• Demonstrated track record in process improvements, excellent verbal and written communication, strong analytical skills, and adaptability in a dynamic environment.

Certifications and Professional Development

PepsiCo will support obtaining the PCI ISA certification upon onboarding, ensuring you stay at the forefront of industry standards.

Benefits & Perks

PepsiCo offers a premium compensation package tailored to top talent in Poland:

• Competitive salary range estimated at 180,000 - 260,000 PLN annually, with transparent disclosure during interviews per Polish regulations.
• Comprehensive health insurance, including private medical care and dental coverage.
• Retirement savings plan with company matching contributions.
• Flexible working arrangements, including hybrid options in our modern Warszawa office.
• Generous paid time off, parental leave, and wellness programs.
• Employee discounts on PepsiCo products and perks like gym memberships.
• Access to global mobility programs and leadership training.

Career Growth

At PepsiCo, career progression is a priority. This role offers a clear path to senior cybersecurity leadership, with opportunities to influence global PCI strategies. You'll gain exposure to cross-functional teams, third-party ecosystems, and emerging technologies. PepsiCo's commitment to employee development includes mentorship, certifications, and internal mobility—many leaders started in specialized roles like this. Leverage our Learning Academy for PCI advancements and broader cybersecurity skills, positioning you for roles like PCI Program Director or Regional CISO.

Why Join Us

PepsiCo Poland is more than an employer; it's a launchpad for cybersecurity professionals passionate about compliance in a high-stakes industry. Work on cutting-edge PCI initiatives in a collaborative environment with access to world-class resources. Our Warszawa hub fosters innovation amid Poland's thriving tech scene. Contribute to a company prioritizing ethical practices, as evidenced by our Whistleblower Protection procedures. With a focus on sustainability and digital security, PepsiCo empowers you to make a global impact while enjoying work-life balance and premium rewards.

Role FAQs

What is the estimated salary for this role?

Based on market rates for similar positions in Poland's food and beverage sector, expect 180,000 - 260,000 PLN yearly, with exact details shared in interviews.

Is relocation support available?

For Poland-based candidates, local hires are preferred; international talent may qualify for relocation assistance—discuss in interviews.

What certification is required?

PCI ISA certification is required post-onboarding; PepsiCo provides support to obtain it.

Is this a remote role?

Hybrid model in Warszawa, balancing office collaboration with flexibility.

How does PepsiCo support professional growth?

Through certifications, trainings, mentorship, and global opportunities tailored to cybersecurity experts.