PepsiCo · 5 days ago
Senior Security Engineer – Vulnerability Management & Automation
PepsiCo is seeking an experienced Senior Security Engineer with expertise in Vulnerability Management and Security Automation. The role involves leading security automation initiatives, optimizing vulnerability remediation workflows, and mentoring junior analysts while ensuring compliance with industry standards.
Brand Marketing · Fast-Moving Consumer Goods · Food and Beverage · Manufacturing
Responsibilities
Advanced Security Automation & API Development
Develop, optimize, and scale automation scripts (Python, PowerShell, Bash) to improve vulnerability detection, tracking, and remediation
Design custom API integrations between Tenable, Onapsis, ServiceNow VR, and ITSM platforms to automate security workflows
Implement security automation playbooks that reduce manual effort and accelerate response times
Engineer custom security solutions to streamline vulnerability scanning and compliance reporting
Lead enterprise-wide vulnerability assessments using Tenable, Onapsis, Qualys, or Nexpose
Implement automated risk-based prioritization models, leveraging AI/ML-driven insights where applicable
Oversee and optimize the ServiceNow VR module for scalable vulnerability tracking, exception management, and automated ticketing
Work closely with IT and business stakeholders to define remediation SLAs, risk thresholds, and compliance requirements
Lead the security assessment of SAP environments, ensuring compliance with industry standards and best practices
Automate the ingestion of Onapsis vulnerability findings into ServiceNow VR for enhanced tracking and resolution
Work with SAP teams to remediate misconfigurations, unauthorized access risks, and compliance gaps
Develop automation frameworks to monitor SAP security posture and streamline remediation workflows
Manage the full integration of Tenable, Onapsis, and Configuration Compliance findings into ServiceNow VR
Enhance Configuration Compliance monitoring by automating the processing of audit findings and risk exceptions
Ensure that security data is accurate, actionable, and seamlessly integrated with ITSM and GRC platforms
Apply expert-level knowledge of networking and security protocols (e.g., TCP/IP, HTTP/S, SSH, FTP, DNS, SSL/TLS, VPNs, RDP)
Assess security implications of common ports (e.g., 443 (HTTPS), 22 (SSH), 3389 (RDP), 53 (DNS), 445 (SMB)) and automate network security controls
Work on firewall rule reviews, segmentation strategies, and security policy enforcement
Design automation workflows for PCI-DSS, NIST, ISO 27001, and CIS benchmarks compliance
Develop tools to generate real-time compliance reports, track remediation progress, and reduce audit preparation time
Stay ahead of emerging threats, regulatory changes, and vulnerability trends, continuously refining security automation strategies
Provide technical leadership in vulnerability management, SAP security, and security automation
Drive strategic discussions with IT, business, and leadership teams to align security initiatives with organizational goals
Mentor junior and mid-level security analysts, sharing best practices in automation, API development, and risk prioritization
Develop comprehensive security documentation, playbooks, and process improvements
Qualification
Required
7+ years of experience in cybersecurity, vulnerability management, and security automation
Strong programming skills in Python, PowerShell, Bash, or equivalent languages for security automation
Deep expertise in SAP security and Onapsis vulnerability management
Advanced API development skills, integrating security platforms (Tenable, Onapsis, ServiceNow, ITSM)
Strong experience with ServiceNow VR module, including automation, custom workflows, and integrations
Hands-on experience with Tenable, Qualys, or Nexpose for enterprise vulnerability scanning
Expert-level understanding of network security protocols and common port numbers
Experience securing third-party platforms (Okta, SAP, ServiceNow, Salesforce, M365)
Proven ability to lead security automation initiatives and mentor junior analysts
Strong analytical, troubleshooting, and problem-solving skills
Preferred
Experience with cloud security automation (AWS, Azure, GCP)
Infrastructure-as-Code (Terraform, Ansible) for security automation
Familiarity with SAP Basis, HANA security, and GRC compliance
Experience with machine learning-driven security automation
Security certifications (CISSP, OSCP, GIAC, AWS Security Certs, Onapsis Certified Expert) are a plus
Benefits
Bonus based on performance and eligibility; target payout is 10% of annual salary, paid out annually.
Paid time off subject to eligibility, including paid parental leave, vacation, sick, and bereavement.
Medical, Dental, Vision, Disability, Health, and Dependent Care Reimbursement Accounts, Employee Assistance Program (EAP), Insurance (Accident, Group Legal, Life), Defined Contribution Retirement Plan.
Company
PepsiCo
PepsiCo is a food and beverage company.
H1B Sponsorship
PepsiCo has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Additional information is presented below for your reference. (Data powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Trends of Total Sponsorships
2025 (50)
2024 (52)
2023 (62)
2022 (61)
2021 (49)
2020 (34)
Funding
Current Stage: Public Company
Total Funding: $4B
Key Investors: Elliott Management Corp., National Safety Council
2025-09-02 · Post-IPO Equity · $4B
2024-06-13 · Grant · $0.02M
2017-12-20 · IPO
Company data provided by Crunchbase