"This role does not support C2C arrangements or visa sponsorship."
Job Description
Overview
Info Security Specialist is the primary contact for providing guidance on information security risk management issues and processes within the PepsiCo Corporate and Global Function. The role requires creative, resourceful approaches and proactive engagement with stakeholders across IT, Information Security, business and corporate teams to identify and mitigate risk. This role works on a small team focused on vulnerability/exceptions analysis and risk landscape monitoring, as well as driving efficiencies in information security services, and improved data protection activities. Working to embed security in Corporate & Global Function (CGF) business solutions while keeping pace with the speed of the business is a main priority of this role.
Responsibilities
Key Responsibilities:
Security Operations Automation and Response:
- Collaborate closely with Incident Response and Security Operations teams, actively addressing their most complex challenges and repetitive processes through innovative solutions. This includes responding to feature requests and conducting proactive research to identify and address their most critical pain points.
- Streamline and automate repetitive Security Operations processes by identifying opportunities to reduce key metrics such as Mean Time to Resolution (MTTR), Mean Time to Detection (MTTD), and dwell time, ultimately enhancing operational efficiency.
- Utilize data analytics to improve security alert management, analyzing metrics like false positive rates to proactively address potential issues and mitigate risks before they escalate.
Expert Python Development:
- Write, maintain, and improve automation scripts and tools in Python to streamline DevSecOps workflows.
- Build robust security tools, frameworks, and pipelines using Python to integrate security into CI/CD processes.
- Develop and optimize API services and back-end components using Python.
Infrastructure as Code (IaC):
- Implement and manage infrastructure using IaC tools such as Terraform, Ansible, Azure Bicep, etc
- Automate cloud infrastructure provisioning and configuration for secure and scalable environments.
- Collaborate with security architects to design resilient, high-availability infrastructure that meets security compliance standards.
Security Integration:
- Integrate security tools, practices, and automation into the DevOps pipeline to ensure end-to-end security for applications and infrastructure.
- Perform security audits, code scans, and implement automated remediation.
- Ensure adherence to best security practices (OWASP, CIS Benchmarks, etc.) in application development and deployment processes.
Application Design:
- Collaborate with development teams to design secure, scalable, and high-performance application architectures.
- Perform high-level application design, defining the architecture and major components.
- Conduct low-level design tasks, including designing algorithms, data structures, and interfaces.
- Work closely with software architects and developers to ensure secure coding practices and design patterns are followed.
CI/CD Pipeline Management:
- Design, implement, and maintain CI/CD pipelines with a focus on security (secure builds, code scanning, artifact management).
- Collaborate with development and operations teams to automate and secure deployment pipelines.
- Ensure that code is delivered in a repeatable and reliable manner using best practices in DevOps and continuous integration.
Monitoring and Troubleshooting:
- Monitor system performance,error messages, security, and availability in production environments.
- Ability to communicate effectively across teams to troubleshoot and drive resolution of issues. Whether through debugging of systems you own, or communicating with vendors or third-party teams.
- Ability to methodically debug application and underlying system errors.
Qualifications
- Education: Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent experience).
- Experience:
- 5+ years of experience in DevOps, Security Engineering, or Software Development.
- Proven expertise in Python programming, including designing and implementing large-scale systems and tools.
- Hands-on experience with Infrastructure as Code tools such as Terraform, Ansible, or CloudFormation.
- Experience with cloud platforms (AWS, Azure, GCP) and cloud security best practices.
- Solid understanding of security principles, cryptography, authentication, and authorization protocols.
- Experience with CI/CD tools (i.e. Github Actions) and security automation.
Skills:
- Python: Expert in Python programming, capable of writing high-quality, efficient, and maintainable code.
- IaC Tools: Proficiency with Terraform, Ansible, or similar.
- Application Design: Strong ability to perform both high-level and low-level application design with a focus on security.
- DevSecOps Tools: Experience with tools such as insomnia, ngrok, containers, and automated testing frameworks.
- Version Control: Expertise in Git and branching strategies.
- Collaboration: Excellent communication skills, with the ability to collaborate with cross-functional teams.
Preferred:
- Certifications such as Azure DevOps Engineer Expert, AWS Certified DevOps Engineer, Certified Kubernetes Administrator (CKA), or similar.
- Experience with containerization (Docker, Kubernetes) and orchestration tools.
- Familiarity with modern security frameworks and compliance requirements (e.g., SOC2, ISO27001).