Info Security Analyst

Auto req ID: 267354BR

Job Description

The Application Security Team at PepsiCo is a diverse tight-knit family comprised of people who are
passionate about their craft.

The successful Application Security Engineer plays a chief role in keeping PepsiCo’s Global Portfolio
of web, mobile, and brand sites protected from constantly evolving cyber threats by:

  • Performing vulnerability assessments on PepsiCo internal and 3rd party developed source

code and systems.

  • Serving internal customers by advising and providing expert guidance on remediation

strategies for identified vulnerabilities.

  • Partnering with PepsiCo’s bug bounty and external threat research partners to communicate

externally identified vulnerabilities and ensure remediation outcomes.

  • Working across PepsiCo’s Global DevSecOps and Information Security organizations to

scale Application Security through expanding our toolsets, automation capabilities, and
integration into PepsiCo’s CI/CD pipeline.

  • Proposing change and process improvements to the team by challenging the status quo

through new ideas and novel concepts.

  • COVID-19 vaccination is a condition of employment for this role. Please note that all such company vaccine requirements provide the opportunity to request an approved accommodation or exemption under applicable law

Key Responsibilities:

  • Execute SAST, DAST, and SCA assessments as part of the Application Security Teams

daily operations.

  • Participate in digesting, translating, and communicating vulnerabilities discovered by bug

bounty and external research partner sources.

  • Generate and communicate reports on assessments findings.
  • Summarize and advise on remediation strategies for identified vulnerabilities.
  • Translate application vulnerability risk into business risk and work with internal customers to

communicate risk.

  • Scale Application Security to support PepsiCo’s Global Portfolio of applications through

automation and integration into CI/CD pipelines
Support other Information Security teams by advising on security related incidents where



To be successful in this role, candidate should have:

  • Bachelor’s degree in Computer Science, Software Development, Information Security, a

related discipline, or equivalent working experience.

  • 3 years’ experience in agile full-stack web or mobile application development is strongly


  • Programming experience with one or more of the following

o Java/J2EE, .NET, Python, JavaScript, etc.

  • Understanding of the OWASP Top 10.
  • Experience with Application Security Vulnerability Testing Tools (Fortify, Veracode,

Synopsys, WhiteSource, Snyk, etc.).

  • Experience with Application Security Vulnerability Management Tools (ServiceNow,

DefectDojo, PlexTrac, ThreadFix, etc.).

  • Knowledge of Threat Modeling and Threat Intelligence Tools (RiskIQ, RecordedFuture,

RiskRecon, CrowdStrike, ZeroFOX, Trellix, etc.).


Relocation Eligible: Not Eligible for Relocation
Job Type: Regular

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, or disability status.

PepsiCo is an Equal Opportunity Employer: Female / Minority / Disability / Protected Veteran / Sexual Orientation / Gender Identity

Our Company will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of the Fair Credit Reporting Act, and all other applicable laws, including but not limited to, San Francisco Police Code Sections 4901 – 4919, commonly referred to as the San Francisco Fair Chance Ordinance; and Chapter XVII, Article 9 of the Los Angeles Municipal Code, commonly referred to as the Fair Chance Initiative for Hiring Ordinance.

If you’d like more information about your EEO rights as an applicant under the law, please download the available EEO is the Law & EEO is the Law Supplement documents. View PepsiCo EEO Policy

Please view our Pay Transparency Statement

More Information

Apply for this job

Leave your thoughts

Share this job