
PepsiCo
Senior Information Security Engineer

Job type: Full-time
Posted: 2 days ago

Job description
Overview

Within the Cyber Fusion Center (CFC), the Infrastructure Security Team is seeking a highly skilled and experienced Information Security Analyst with 3 to 4 years of experience in Vulnerability Management, Security Automation, and Risk Mitigation. This role requires strong programming skills (Python, PowerShell, Bash, or equivalent) to develop scalable automation solutions for vulnerability detection, remediation, and reporting. The ideal candidate will have deep expertise in Tenable, ServiceNow Vulnerability Response (VR) module, Configuration Compliance (CC) module, cloud security, SAP/Onapsis, and third-party security platforms (Okta, SAP, ServiceNow, Salesforce, M365).

As a senior analyst, you will be responsible for leading vulnerability management initiatives, driving security automation strategies, integrating security data into ServiceNow, and providing technical guidance to junior analysts. You will also play a key role in maturing the vulnerability management program, enhancing risk visibility, and improving remediation efficiency through automation.

Responsibilities

Security Automation & API Development
Develop, optimize, and maintain automation scripts in Python, PowerShell, or Bash to streamline vulnerability management and remediation.
Design API-driven integrations between Tenable, ServiceNow VR, and ITSM platforms for automated vulnerability tracking and reporting.
Automate security workflows, including vulnerability ingestion, prioritization, ticketing, and remediation orchestration.
Develop and maintain custom security tools to enhance scanning, reporting, and response capabilities.

Vulnerability Management & Risk Prioritization
Lead enterprise-wide vulnerability assessments using Tenable, Qualys, or Nexpose, ensuring comprehensive risk identification.
Implement risk-based prioritization models using automation to focus on critical security threats.
Maintain and optimize the ServiceNow Vulnerability Response (VR) module for seamless vulnerability lifecycle management.
Work closely with IT and development teams to ensure timely and effective remediation efforts.

Security Platform & ServiceNow Integration
Oversee the full integration of Tenable vulnerability data into ServiceNow VR for enhanced tracking and automation.
Improve Configuration Compliance monitoring by developing automated controls for audit findings and remediation workflows.
Ensure that security data is accurate, actionable, and seamlessly integrated with IT operations.

Network & Security Protocols Expertise
Apply expert knowledge of networking and security protocols to identify security risks.
Understand common port numbers and assess their security implications.
Collaborate with network and firewall teams to enhance segmentation, reduce attack surfaces, and enforce security policies.

Security Operations & Compliance Automation
Lead compliance automation initiatives to align with PCI-DSS, NIST, ISO 27001, and CIS benchmarks.
Develop scripts and automation tools to generate compliance reports, track remediation progress, and reduce manual overhead.
Stay ahead of emerging threats, vulnerabilities, and regulatory requirements, continuously improving security automation strategies.

Leadership & Mentorship
Provide technical leadership to junior security analysts, guiding them in security automation best practices.
Collaborate with cross-functional teams to define security automation strategies and implement scalable solutions.
Document automation workflows, vulnerability management playbooks, and security integration processes to enhance team knowledge.

Accountabilities
Execute on projects, objectives, and deliverables in alignment with team vision, mission, and goals.
Routinely develop and update offensive security documentation, processes, and technologies to adapt to the emerging threat landscape.
Develop automation to scale global offensive capabilities and operational resiliency.
Collaborate with partner teams, service owners, and senior leadership to influence, prioritize, and drive the resolution of discovered security findings.
Create and deliver trainings, and participate in security reviews, audits, on-site engagements, and support incidents after-hours when required.

Compensation and Benefits:
The expected compensation range for this position is between $80,200 - $134,250.
Location, confirmed job-related skills, experience, and education will be considered in setting actual starting salary. Your recruiter can share more about the specific salary range during the hiring process.
Bonus based on performance and eligibility; target payout is 8% of annual salary, paid out annually.
Paid time off subject to eligibility, including paid parental leave, vacation, sick, and bereavement.
In addition to salary, PepsiCo offers a comprehensive benefits package to support our employees and their families, subject to elections and eligibility: Medical, Dental, Vision, Disability, Health, and Dependent Care Reimbursement Accounts, Employee Assistance Program (EAP), Insurance (Accident, Group Legal, Life), Defined Contribution Retirement Plan.

Qualifications

Education / Years of experience
Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or a related field (or equivalent hands-on experience).
3 to 4 years of experience in cybersecurity, vulnerability management, and security automation.

Mandatory Technical Skills
Strong coding skills in Python, PowerShell, Bash, or equivalent languages (ability to write, optimize, and maintain scripts for security automation).
Expertise in API development and integration between security tools (Tenable, ServiceNow, ITSM platforms).
Advanced experience with vulnerability management tools such as Tenable, Qualys, or Nexpose.
Deep knowledge of ServiceNow VR module, including configuration, automation, and integration.
Strong understanding of network security protocols and common port numbers.
Experience managing security configurations for third-party platforms (Okta, SAP, ServiceNow, Salesforce, M365).
Proven ability to lead security automation initiatives and mentor junior analysts.
Strong analytical, troubleshooting, and problem-solving skills.

Preferred Qualifications (Nice to Have):
Experience with cloud security automation (AWS, Azure, GCP).
Knowledge of infrastructure-as-code (Terraform, Ansible) for security automation.
Familiarity with security frameworks like MITRE ATT&CK, NIST, CIS Benchmarks.
Security certifications (CISSP, OSCP, GIAC, AWS Security Certs) are a plus.

Non-technical Skills
A proactive and positive team player who is impact-focused, driven, curious, analytical, and a self-starter.
Demonstrated ability to autonomously make high-judgment decisions and take calculated risks.
Ability to establish trust relationships and influence others to positively impact the security posture and the business.
Flexible and adaptive to support a dynamic and global environment with diverse stakeholders and ambiguity.
Solid customer orientation with excellent oral and written communication skills in English.
Must be able to operate extremely well under pressure while maintaining a professional.

Differentiating behaviors
Experience driving large-scale risk reduction initiatives across Fortune 500 organizations.
Ability to weigh the relative costs/benefits/trade-offs of potential actions and identify the best resolution.
Ability to organize tasks, manage time, and prioritize actions to meet business needs.

EEO Statement
Our Company will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of the Fair Credit Reporting Act, and all other applicable laws, including but not limited to, San Francisco Police Code Sections 4901-4919, commonly referred to as the San Francisco Fair Chance Ordinance; and Chapter XVII, Article 9 of the Los Angeles Municipal Code, commonly referred to as the Fair Chance Initiative for Hiring Ordinance. All qualified applicants will receive consideration for employment without regard to age, race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, or disability status. PepsiCo is an Equal Opportunity Employer: Female / Minority / Disability / Protected Veteran / Sexual Orientation / Gender Identity / Age If you'd like more information about your EEO rights as an applicant under the law, please download the available EEO is the Law & EEO is the Law Supplement documents. View PepsiCo EEO Policy. Please view our Pay Transparency Statement.