Information Security Analyst

Overview:**We Are PepsiCo****Join PepsiCo and Dare for Better**We are the perfect place for curious people, thinkers and change agents.From leadership to front lines, we're excited about the future and working together to make the world a better place.Being part of PepsiCo means being part of one of the largest food and beverage companies in the world, with our iconic brands consumed more than a billion times a day in more than 200 countries.Our product portfolio, which includes 22 of the world's most iconic brands, such as Sabritas, Gamesa, Quaker, Pepsi, Gatorade and Sonrics, has been a part of Mexican homes for more than 116 years.A career at PepsiCo means working in a culture where all people are welcome.Here, you can dare to be you.No matter who you are, where you're from, or who you love, you can always influence the people around you and make a positive impact in the world.**Know more**:PepsiCoJobs**Join PepsiCo, dare for better.****Responsibilities**:**The Opportunity****Your Impact**As Information Security Analyst your responsibilities would consist of:1. Security Automation & API DevelopmentDevelop, optimize, and maintain automation scripts in Python, PowerShell, or Bash to streamline vulnerability management and remediation.Design API-driven integrations between Tenable, ServiceNow VR, and ITSM platforms for automated vulnerability tracking and reporting.Automate security workflows, including vulnerability ingestion, prioritization, ticketing, and remediation orchestration.Develop and maintain custom security tools to enhance scanning, reporting, and response capabilities.2. Vulnerability Management & Risk PrioritizationLead enterprise-wide vulnerability assessments using Tenable, Qualys, or Nexpose, ensuring comprehensive risk identification.Implement risk-based prioritization models using automation to focus on critical security threats.Maintain and optimize the ServiceNow Vulnerability Response (VR) module for seamless vulnerability lifecycle management.Work closely with IT and development teams to ensure timely and effective remediation efforts.3. Security Platform & ServiceNow IntegrationOversee the full integration of Tenable vulnerability data into ServiceNow VR for enhanced tracking and automation.Improve Configuration Compliance monitoring by developing automated controls for audit findings and remediation workflows.Ensure that security data is accurate, actionable, and seamlessly integrated with IT operations.4. Network & Security Protocols ExpertiseUnderstand common port numbers and assess their security implications.Collaborate with network and firewall teams to enhance segmentation, reduce attack surfaces, and enforce security policies.5. Security Operations & Compliance AutomationLead compliance automation initiatives to align with PCI-DSS, NIST, ISO *****, and CIS benchmarks.Develop scripts and automation tools to generate compliance reports, track remediation progress, and reduce manual overhead.Stay ahead of emerging threats, vulnerabilities, and regulatory requirements, continuously improving security automation strategies.6. Leadership & MentorshipProvide technical leadership to junior security analysts, guiding them in security automation best practices.Collaborate with cross-functional teams to define security automation strategies and implement scalable solutions.Document automation workflows, vulnerability management playbooks, and security integration processes to enhance team knowledge.Qualifications:**Who Are We Looking For?****Education**- Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or a related field (or equivalent hands-on experience).**Experience**- 3 to 4 years of experience in cybersecurity, vulnerability management, and security automation.**Mandatory Technical Skills**1. Strong coding skills in Python, PowerShell, Bash, or equivalent languages (ability to write, optimize, and maintain scripts for security automation).2. Expertise in API development and integration between security tools (Tenable, ServiceNow, ITSM platforms).3. Advanced experience with vulnerability management tools such as Tenable, Qualys, or Nexpose.4. Deep knowledge of ServiceNow VR module, including configuration, automation, and integration.5. Strong understanding of network security protocols and common port numbers.6. Experience managing security configurations for third-party platforms (Okta, SAP, ServiceNow, Salesforce, M365).7. Proven ability to lead security automation initiatives and mentor junior analysts.8. Strong analytical, troubleshooting, and problem-solving skills.9. Preferred Qualifications (Nice to Have):10. Experience with cloud security automation (AWS, Azure, GCP).11. Knowledge of infrastructure-as-code (Terraform, Ansible) for security automation.12. Familiarity with security frameworks like MITRE ATT&CK, NIST, CIS Benchmarks.13. Security certifications (CISSP, OSCP,