Overview We Are PepsiCo Join PepsiCo and Dare for Better! We are the perfect place for curious people, thinkers and change agents. From leadership to front lines, we're excited about the future and working together to make the world a better place. Being part of PepsiCo means being part of one of the largest food and beverage companies in the world, with our iconic brands consumed more than a billion times a day in more than 200 countries. Our product portfolio, which includes 22 of the world's most iconic brands, such as Sabritas, Gamesa, Quaker, Pepsi, Gatorade and Sonrics, has been a part of Mexican homes for more than 116 years. A career at PepsiCo means working in a culture where all people are welcome. Here, you can dare to be you. No matter who you are, where you're from, or who you love, you can always influence the people around you and make a positive impact in the world. Know more: PepsiCoJobs Join PepsiCo, dare for better. Responsibilities The Opportunity The ASM team is seeking a highly skilled and experienced Information Security Analyst with 3 to 4 years of experience in Vulnerability Management, Security Automation, and Risk Mitigation. This role requires strong programming skills (Python, PowerShell, Bash, or equivalent) to develop scalable automation solutions for vulnerability detection, remediation, and reporting. The ideal candidate will have deep expertise in Tenable, ServiceNow Vulnerability Response (VR) module, Configuration Compliance (CC) module, cloud security, and third-party security platforms (Okta, SAP, ServiceNow, Salesforce, M365). Your Impact As Information Security Analyst your responsibilities would consist of: 1. Security Automation & API Development Develop, optimize, and maintain automation scripts in Python, PowerShell, or Bash to streamline vulnerability management and remediation. Design API-driven integrations between Tenable, ServiceNow VR, and ITSM platforms for automated vulnerability tracking and reporting. Automate security workflows, including vulnerability ingestion, prioritization, ticketing, and remediation orchestration. Develop and maintain custom security tools to enhance scanning, reporting, and response capabilities. 2. Vulnerability Management & Risk Prioritization Lead enterprise-wide vulnerability assessments using Tenable, Qualys, or Nexpose, ensuring comprehensive risk identification. Implement risk-based prioritization models using automation to focus on critical security threats. Maintain and optimize the ServiceNow Vulnerability Response (VR) module for seamless vulnerability lifecycle management. Work closely with IT and development teams to ensure timely and effective remediation efforts. 3. Security Platform & ServiceNow Integration Oversee the full integration of Tenable vulnerability data into ServiceNow VR for enhanced tracking and automation. Improve Configuration Compliance monitoring by developing automated controls for audit findings and remediation workflows. Ensure that security data is accurate, actionable, and seamlessly integrated with IT operations. 4. Network & Security Protocols Expertise Apply expert knowledge of networking and security protocols (e.g., TCP/IP, HTTP/S, SSH, FTP, DNS, SSL/TLS, VPNs, RDP) to identify security risks. Understand common port numbers and assess their security implications. Collaborate with network and firewall teams to enhance segmentation, reduce attack surfaces, and enforce security policies. 5. Security Operations & Compliance Automation Lead compliance automation initiatives to align with PCI-DSS, NIST, ISO 27001, and CIS benchmarks. Develop scripts and automation tools to generate compliance reports, track remediation progress, and reduce manual overhead. Stay ahead of emerging threats, vulnerabilities, and regulatory requirements, continuously improving security automation strategies. 6. Leadership & Mentorship Provide technical leadership to junior security analysts, guiding them in security automation best practices. Collaborate with cross-functional teams to define security automation strategies and implement scalable solutions. Document automation workflows, vulnerability management playbooks, and security integration processes to enhance team knowledge. Qualifications Who Are We Looking For? Education Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or a related field (or equivalent hands-on experience). Experience 3 to 4 years of experience in cybersecurity, vulnerability management, and security automation. Mandatory Technical Skills 1. Strong coding skills in Python, PowerShell, Bash, or equivalent languages (ability to write, optimize, and maintain scripts for security automation). 2. Expertise in API development and integration between security tools (Tenable, ServiceNow, ITSM platforms). 3. Advanced experience with vulnerability management tools such as Tenable, Qualys, or Nexpose. 4. Deep knowledge of ServiceNow VR module, including configuration, automation, and integration. 5. Strong understanding of network security protocols and common port numbers. 6. Experience managing security configurations for third-party platforms (Okta, SAP, ServiceNow, Salesforce, M365). 7. Proven ability to lead security automation initiatives and mentor junior analysts. 8. Strong analytical, troubleshooting, and problem-solving skills. 9. Preferred Qualifications (Nice to Have): 10. Experience with cloud security automation (AWS, Azure, GCP). 11. Knowledge of infrastructure-as-code (Terraform, Ansible) for security automation. 12. Familiarity with security frameworks like MITRE ATT&CK, NIST, CIS Benchmarks. 13. Security certifications (CISSP, OSCP, GIAC, AWS Security Certs) are a plus Non-technical Skills 1. A proactive and positive team player who is impact-focused, driven, curious, analytical, and a self-starter. 2. Demonstrated ability to autonomously make high-judgment decisions and take calculated risks. 3. Ability to establish trust relationships and influence others to positively impact the security posture and the business. 4. Flexible and adaptive to support a dynamic and global environment with diverse stakeholders and ambiguity. 5. Solid customer orientation with excellent oral and written communication skills in English. 6. Must be able to operate extremely well under pressure while maintaining a professional. If this is an opportunity that interests you, we encourage you to apply even if you do not meet 100% of the requirements. What can you expect from us:   • Opportunities to learn and develop every day through a wide range of programs. • Internal digital platforms that promote self-learning. • Development programs according to Leadership skills. • Specialized training according to the role. • Learning experiences with internal and external providers. • We love to celebrate success, which is why we have recognition programs for seniority, behavior, leadership, moments of life, among others. • Financial wellness programs that will help you reach your goals in all stages of life. • A flexibility program that will allow you to balance your personal and work life, adapting your working day to your lifestyle. • And because your family is also important to us, they can also enjoy benefits such as our Wellness Line, thousands of Agreements and Discounts, Scholarship programs for your children, Aid Plans for different moments of life, among others.   We are an equal opportunity employer and value diversity at our company. We do not discriminate based on race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. We respect and value diversity as a work force and innovation for the organization.