Emerging technologies security – senior information security analyst
join to apply for the emerging technologies security – senior information security analyst role at pepsico
emerging technologies security – senior information security analyst
19 hours ago be among the first 25 applicants
join to apply for the emerging technologies security – senior information security analyst role at pepsico
get ai-powered advice on this job and more exclusive features.
we are pepsico
join pepsico and dare for better! We are the perfect place for curious people, thinkers and change agents. From leadership to front lines, we're excited about the future and working together to make the world a better place.
overview
we are pepsico
join pepsico and dare for better! We are the perfect place for curious people, thinkers and change agents. From leadership to front lines, we're excited about the future and working together to make the world a better place.
being part of pepsico means being part of one of the largest food and beverage companies in the world, with our iconic brands consumed more than a billion times a day in more than 200 countries.
our product portfolio, which includes 22 of the world's most iconic brands, such as sabritas, gamesa, quaker, pepsi, gatorade and sonrics, has been a part of mexican homes for more than 116 years.
a career at pepsico means working in a culture where all people are welcome. Here, you can dare to be you. No matter who you are, where you're from, or who you love, you can always influence the people around you and make a positive impact in the world.
know more: pepsicojobs
join pepsico, dare for better.
the opportunity
your impact as as emerging technologies security - senior information security analyst your responsibilities would consist of
for building and operationalizing security solutions in emerging technology areas like containers, api, ai/ml. Our mission is to effectively and efficiently make security risks visible to the business and actionable by them.
within the cyber fusion center, the emerging technologies security team is looking for a highly technical senior information security analyst with 3 to 4 years of expertise in vulnerability management, software development, security automation, and enterprise security operations. This role demands advanced coding skills (python, powershell, bash, or equivalent) to develop automation frameworks that operationalize and integrates security tools to optimizes vulnerability remediation workflows.
as a technical professional, you will lead strategic security initiatives for building and operationalizing security solutions in emerging technology areas like containers, api, ai/ml. You will design scalable security architectures and solutions, review and suggest cots products, and mentor junior analysts.
responsibilities
responsibilities
* develop, optimize, and scale automation scripts (python, powershell, bash) to improve vulnerability detection, tracking, and remediation.
* design custom api integrations between container/api scanning tools, servicenow vr & cc, and itsm platforms to automate security workflows.
* implement security automation playbooks that reduce manual efforts and accelerate response times.
* build security solutions leveraging cots tools to streamline vulnerability scanning and compliance reporting.
* implement automated risk-based vulnerability prioritization models, leveraging ai/ml-driven insights where applicable.
* leverage and optimize the servicenow vr module for scalable vulnerability tracking, exception management, and automated ticketing.
* work closely with it and business stakeholders to define remediation slas, risk thresholds, and compliance requirements.
* lead the security assessment of container/api environments, ensuring compliance with industry standards and best practices.
* automate the ingestion of container/api vulnerability findings into servicenow vr for enhanced tracking and resolution.
* ensure that security data is accurate, actionable, and seamlessly integrated with itsm and grc platforms.
* apply expert-level knowledge of networking and security protocols (e.g., tcp/ip, http/s, ssh, ftp, dns, ssl/tls, vpns, rdp).
* develop tools to generate automated compliance reports, track remediation progress, and reduce audit preparation time.
* stay ahead of emerging threats, regulatory and vulnerability trends, continuously refining security automation strategies.
* conduct technical design reviews, evaluate security tools, and lead/participate in discussions to improve tool effectiveness.
* provide technical expertise in vulnerability management, container/api security, and security automation.
* define and track kpis to gauge security effectiveness and direct continuous improvement efforts.
* mentor junior and mid-level security analysts, sharing best practices in automation, api development, and risk prioritization.
* develop comprehensive security documentation, playbooks, and process improvements.
accountabilities
* execute on projects, objectives, and deliverables in alignments with team vision, mission, and goals.
* routinely develop and update security documentation, processes, and technologies to adapt to emerging threat landscape.
* develop automation to scale global resilient security capabilities.
* collaborate with partner teams, service owners, and senior leadership to influence, prioritize, and drive the resolution of discovered security findings.
* participate in security reviews, audits, on-site engagements, and support incidents after-hours when required.
qualifications
who are we looking for?
education & years of experience
* bachelor's degree in cybersecurity, computer science, information technology, or a related field (or equivalent hands-on experience).
* 3 to 4 years of experience in cybersecurity, vulnerability management, software development and security automation.
mandatory technical skills
* strong programming skills in python, powershell, bash, or equivalent languages for security automation.
* knowledge in vulnerability management life cycle.
* proficiency in infrastructure-as-code security (terraform, cloudformation), container security (kubernetes, docker) and serverless environment security.
* experience with runtime security (linux/windows - vm, containers, serverless) and ebpf-based security monitoring for detecting and mitigating threats.
* excellent technical cybersecurity and engineering/development skills, with experience in using apis to integrate disparate security technologies and security platforms (ex: tenable, synk, aquasec, onapsis, servicenow, itsm).
* familiarity or hands-on experience with: networking configurations, routing, firewalling; devops ecosystem: cicd tools, orchestration tools; cloud computing environments (aws, azure, and google compute).
* experience with cloud security automation (aws, azure, gcp).
* proven ability to lead security automation initiatives and mentor junior analysts.
* strong analytical, troubleshooting, and problem-solving skills.
non-technical skills
* strong communication skills, both verbal and written.
* a proactive and positive team player who is impact-focused, driven, curious, analytical, and a self-starter.
* high level of integrity and ethical standards.
* excellent problem-solving skills, with a focus on long-term system sustainability.
* ability to establish trust relationships and influence others to positively impact the security posture and the business.
* operates extremely well under pressure, balancing multiple priorities in a fast-paced environment.
differentiating behaviors:
* focuses on scalable security solutions rather than individual tool deployments.
* uses automation and data-driven decision-making to improve security tooling.
* proactively eliminates security bottlenecks in development workflows.
* ensures security signals are high-fidelity, prioritized, and developer friendly.
* ability to weigh the relative costs/benefits/trade-offs of potential actions and identify the best resolution.
* ability to organize tasks, manage time, and prioritize actions to meet business needs.
if this is an opportunity that interests you, we encourage you to apply even if you do not meet 100% of the requirements.
what can you expect from us:
* opportunities to learn and develop every day through a wide range of programs.
* internal digital platforms that promote self-learning.
* development programs according to leadership skills.
* specialized training according to the role.
* learning experiences with internal and external providers.
* we love to celebrate success, which is why we have recognition programs for seniority, behavior, leadership, moments of life, among others.
* financial wellness programs that will help you reach your goals in all stages of life.
* a flexibility program that will allow you to balance your personal and work life, adapting your working day to your lifestyle.
* and because your family is also important to us, they can also enjoy benefits such as our wellness line, thousands of agreements and discounts, scholarship programs for your children, aid plans for different moments of life, among others.
we are an equal opportunity employer and value diversity at our company. We do not discriminate based on race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. We respect and value diversity as a work force and innovation for the organization.
seniority level
* seniority level
mid-senior level
employment type
* employment type
full-time
job function
* job function
information technology
* industries
manufacturing and food and beverage services
referrals increase your chances of interviewing at pepsico by 2x
sign in to set job alerts for “senior technology specialist” roles.
d365 business central senior functional consultant (full-time remote)
enterprise technology finance head for lam
gustavo a. Madero, mexico city, mexico 1 month ago
we’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of ai.
#j-18808-ljbffr