Empleos actuales relacionados con Offensive Security – Development and Integrations Operator - Ciudad de México, Ciudad de México - PepsiCo

  • Senior Security Architect

    hace 4 días

    Ciudad de México, Ciudad de México DFX5 A tiempo completo

    Principal Cloud Security Architect | Offensive Security • DevSecOps • Secure-by-Design PlatformsThis is not a job for policy writers.This is not a role for tool operators.This is a role for security leaders whothink like attackers, build like architects, and operate like engineers.We are seeking aPrincipal Cloud Security Architectto define, execute, and...

  • Marketing & Integrations Specialist

    hace 2 horas

    Ciudad de México, Ciudad de México Digital Resource A tiempo completo

    We are seeking a Marketing & Integrations Specialist to design, build, and maintain the internal tools, automations, and system integrations that support our marketing operations and overall business efficiency. This role is ideal for someone who enjoys solving workflow challenges through scalable software solutions and connecting platforms to streamline...

  • Associate Manager – IT Cloud and Application Security-2

    hace 2 días

    Ciudad de México, Ciudad de México Kraft Heinz A tiempo completo

    Job DescriptionThe Associate Manager – IT Cloud and Application Security will be a critical function responsible for helping to evangelize the Application Security program at Kraft Heinz by fostering a collaborative and educational working relationship between the application security and the business / development teams. We are looking for individuals who...

  • Software Development Engineer

    hace 1 hora

    Ciudad de México, Ciudad de México Ascendion A tiempo completo

    Senior Software Development Engineer: Key Responsibilities:Lead the end-to-end design, development, and delivery of robust APIs and platform services powering 3rd-party and automotive integrations Serve as a technical lead and trusted advisor for the Business Development team on partner-enablement solutions Architect scalable systems that handle high...

  • Product Security Engineer

    hace 5 días

    Ciudad de México, Ciudad de México Aspen Technology A tiempo completo

    The driving force behind our success has always been the people of AspenTech. What drives us, is our aspiration, our desire and ambition to keep pushing the envelope, overcoming any hurdle, challenging the status quo to continually find a better way. You will experience these qualities of passion, pride and aspiration in many ways — from a rich set of...

  • Platform Security Engineer

    hace 3 horas

    Ciudad de México, Ciudad de México Tata Consultancy Services A tiempo completo

    About the CompanyJob Description:Location: Guadalajara, CDMX, QRO, MonterreyMode: HybridCommunication Level in English: Advance/C1/B2/ProfessionalKey Responsibilities:Design and implement security controls for cloud and on-prem platforms.Conduct vulnerability assessments and remediate findings.Develop and enforce security policies for CI/CD pipelines and...

  • Lead Security Operations Engineer

    hace 2 semanas

    Ciudad de México, Ciudad de México Cloudlinux A tiempo completo

    CloudLinux is a global remote-first company. We are driven by our principles: do the right thing, employees first, we are remote first, and we deliver high-volume, low-cost Linux infrastructure and security products that help companies to increase the efficiency of their operations. Every person on our team supports each other and does what we can to ensure...

  • Cloud Security Architect

    hace 7 días

    Ciudad de México, Ciudad de México Diebold Nixdorf A tiempo completo

    Join our global team at Diebold Nixdorf MexicoWe are hiring aCloud Security Architectto design and implement robust security architectures in cloud environments.Ideal Profile: 4+ years in security architecture Experience withAWS/Azure, application and API security Knowledge ofPCI, GDPR, and security frameworksWhy join us? Work with global teams Excellent...

  • Armed and Security Forces Coordinator

    hace 5 días

    Ciudad de México, Ciudad de México International Committee of the Red Cross - ICRC A tiempo completo

    PURPOSEBased in Mexico City, the Armed and Security Forces (ASF) Coordinator has the prime responsibility for developing and contributing to the strategic and operational dialogue with arms carriers in the area of responsibility of the Regional Delegation (Belize, Costa Rica, El Salvador, Guatemala, Honduras, Mexico and Panama).In coordination with...

  • Security Engineer

    hace 2 horas

    Ciudad de México, Ciudad de México Datwyler A tiempo completo

    In billions of syringes and in every second car worldwide, Datwyler components make an important contribution to the safety of patients and drivers. The high-tech company focuses on high-quality, system-critical elastomer components and holds leading positions in attractive global markets such as healthcare, mobility, connectivity, general industry and food...

Offensive Security – Development and Integrations Operator

hace 3 semanas

Ciudad de México, Ciudad de México PepsiCo A tiempo completo

*Overview
We Are PepsiCo*
Join PepsiCo and Dare for Better We are the perfect place for curious people, thinkers and change agents. From leadership to front lines, we're excited about the future and working together to make the world a better place.

Being part of PepsiCo means being part of one of the largest food and beverage companies in the world, with our iconic brands consumed more than a billion times a day in more than 200 countries.

Our product portfolio, which includes 22 of the world's most iconic brands, such as Sabritas, Gamesa, Quaker, Pepsi, Gatorade and Sonrics, has been a part of Mexican homes for more than 116 years.

A career at PepsiCo means working in a culture where all people are welcome. Here, you can dare to be you. No matter who you are, where you're from, or who you love, you can always influence the people around you and make a positive impact in the world.

Know more: PepsiCoJobs

Join PepsiCo, dare for better.

*Responsibilities
The Opportunity*
Within the Cyber Fusion Center, the Offensive Security Team

continuously evaluates PepsiCo's cyber security posture through

penetration tests and red team engagements to proactively identify

gaps and drive mitigations to minimize PepsiCo's cyber risk exposure.

This position will develop and maintain software to integrate existing tools and automate workflows.

Your Impact
As Offensive Security - Development and Integrations Operator your responsibilities would consist of

Responsibilities

  • Integrate, automate and extend existing tools to scale the reach of the Offensive Security team.
  • Serve as the SME for the design, deployment, monitoring and maintenance of cloud infrastructure used during red team exercises.
  • Conduct standard black and gray box penetration tests across multiple technologies including web applications, mobile applications, APIs, infrastructure, cloud environments, and devices.
  • Generate accurate, concise, and actionable penetration test reports.
  • Validate the effectiveness of remediation efforts.
  • Triage and schedule incoming penetration test requests.
  • Peer review reports for quality and accuracy.
  • Participate in purple team exercises by reproducing techniques of known threat actors across multiple tactics categories.
  • Participate in red team exercises.
  • Generate red team reports.
  • Support Incident Response during security incidents as needed.
  • Validate bug bounty findings.
  • Validate perimeter assets for exposure to known vulnerabilities.
  • Perform OSINT and related discovery activities.
  • Coach lower levels.
  • Update the team's operational processes as needed and participate in overall knowledge base improvement.
  • Provide feedback about and update as needed the operational processes and procedures.
  • Maintain a professional communicative relationship with other associates and management.
  • Provide timely, comprehensive and accurate information to Information Security leadership in both written and verbal communications.
  • Develop the requisite expertise, knowledge, and ability to perform independently.
  • Participation in after-hours activities when required.
  • Collaborate with CFC teams on project execution and PepsiCo security improvements.
  • Ensure team success through organizational, functional, and team alignment towards team mission and objectives.

Accountabilities

  • Execute on projects, objectives, and deliverables in alignments with team vision, mission, and goals.
  • Routinely develop and update offensive security documentation, processes, and technologies to adapt to emerging threat landscape.
  • Develop automation to scale global offensive capabilities and operational resiliency.
  • Collaborate with partner teams, service owners, and senior leadership to influence, prioritize, and drive the resolution of discovered security findings.
  • Create and deliver trainings; and participate in security reviews, audits, on-site engagements, and support incidents after-hours when required.

*Qualifications
¿Who Are We Looking For?*
Years of experience

  • Bachelor's degree in information technology, related field or equivalent work experience in a hands-on, technical role plus 3-4 years of experience in a hands-on, technical information security role. At least 1 year in offensive security, DFIR, Application Security, or Vulnerability Management.

Mandatory Technical Skills

  • Demonstrated experience deploying and managing cloud infrastructure and services in an automated and repeatable manner.
  • Demonstrated experience automating workflows using at least one high level scripting or programming language.
  • Familiar with aligning threat and vulnerability management efforts to frameworks and control objectives - MITRE ATT&CK, NIST CSF, ISO27001, CIS, OWASP.
  • Information Security certifications such as OSCP, OSCE, GPEN, GWAPT or GXPN are required.
  • Proficient with security tools (Burp Suite, Metasploit, Nmap, bloodhound, etc.).
  • Proficient in) at least one scripting language (Python, bash, PowerShell) or one programming language (Java, C#, C().
  • Working knowledge of Linux and/or Windows server management.
  • Familiar with one or more C2 frameworks.
  • Familiar with defensive and monitoring technologies such as Intrusion prevention/detection systems (IPS/IDS), Web application firewalls (WAF), security information and event management systems (SIEMs), and endpoint detection/response (EDR) tools, as well as user and entity behavior analytics (UEBA).
  • Working knowledge of public cloud services (Azure, AWS, Alibaba) configuration and hardening.

Non-technical Skills

  • A team-focused mentality with the proven ability to work effectively with diverse stakeholders.
  • Solid customer orientation with excellent oral and written communication skills in English.
  • An ability to effectively influence others to modify their opinions, plans, or behaviors.
  • Proactive attitude, seeking improvement opportunities which can positively impact the security posture and the business.
  • Decision-making capabilities, with an ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one.
  • An ability to work extremely well under pressure while maintaining a professional image and approach.
  • Flexible and adaptive to support a dynamic and global environment with diverse stakeholders and ambiguity.

Differentiating behaviors

  • Ability to lead globally dispersed teams to achieve a unified outcome.
  • Experience driving large-scale risk reduction initiatives across Fortune 500 organizations.
  • Ability to weigh the relative costs/benefits/trade-offs of potential actions and identify the best resolution.
  • Active community engagement: Bug Bounty program engagements, participation in CTFs, or contributions to open source, etc.
  • Ability to organize tasks, manage time, and prioritize actions to meet business needs.

If this is an opportunity that interests you, we encourage you to apply even if you do not meet 100% of the requirements.

What can you expect from us:

  • Opportunities to learn and develop every day through a wide range of programs.
  • Internal digital platforms that promote self-learning.
  • Development programs according to Leadership skills.
  • Specialized training according to the role.
  • Learning experiences with internal and external providers.
  • We love to celebrate success, which is why we have recognition programs for seniority, behavior, leadership, moments of life, among others.
  • Financial wellness programs that will help you reach your goals in all stages of life.
  • A flexibility program that will allow you to balance your personal and work life, adapting your working day to your lifestyle.
  • And because your family is also important to us, they can also enjoy benefits such as our Wellness Line, thousands of Agreements and Discounts, Scholarship programs for your children, Aid Plans for different moments of life, among others.

We are an equal opportunity employer and value diversity at our company. We do not discriminate based on race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. We respect and value diversity as a work force and innovation for the organization.