Vacancy expired!
PepsiCo does not offer visa sponsorship for this role
Auto req ID: 217338BR Job Description As the Application Security Assessments Sr. Manager, you will play an instrumental role in keeping PepsiCo's web, mobile, and brand sites protected from cyber threats. As a leader, who is passionate about applications security, you will manage and inspire the Application Security Assessment team; the Application Security Assessment teams is responsible for performing vulnerability assessments on PepsiCo and 3rd party developed source code and systems. You should be an effective communicator as you will work across a variety of internal stakeholders as well as partners and vendors. You will work with "DevSecOps" teams from various organizations to bake-in vulnerability assessments and associated technologies into CI/CD pipeline. Accountabilities/ Responsibilities: • Provide leadership, direction, and strategy on all matters related to the identification and remediation of PepsiCo application vulnerabilities • Sets strategy for application security assessments of COTs products, custom developed applications including web and mobile • Delivers multi-year roadmaps for Application Security Assessments function • Manage contracts with 3rd party vendors including SOWs, RFPs, and escalations • Run day to day operations including application vulnerability assessments and remediation efforts • Generate reports on assessment findings and summarizes to facilitate remediation • Defines and tracks application vulnerability and coverage KPIs/metrics to demonstrate assessment coverage and remediation effectiveness • Communicate security and compliance issues in an effective and appropriate manner • Recommend appropriate containment and remediation strategies to mitigate risks and drive information systems to employ an appropriate level of information security controls Qualifications/Requirements- Bachelor's degree in Computer Science, Cyber Security, or the equivalent
- 6+ years of experience in information security vulnerability management role
- Good understanding of Agile Software Development Methodologies
- Exposure to the Application Security Vulnerabilities (as listed in OWASP Top 10), Security Testing methodologies and related tools such as Fortify, WebInspect, Snyk, BurpSuite
- Programming experience with one or more of the following: C/C, C#, Java/J2EE, JavaScript, AJAX, PHP, Eclipse, Visual Studio, etc.
- A broad and deep understanding of cybersecurity threats, vulnerabilities, controls, and remediation strategie
- Applied knowledge and experience in cybersecurity, vulnerability management, application security, and security and controll
- Excellent interpersonal skills and strong verbal and written communication
- Certifications such as (e.g., GIAC, CISSP, CISM, CRISC, CIPP, CISA, GICSP are preferred
Vacancy expired!