Application Security Assessment analyst
Job Title: Application Security Assessment analyst
Location: Plano, TX
Category: IT and Internet
The Application Security Assessment analyst will have a wide range of vulnerability management responsibilities, with emphasis on risk assessment, remediation, and application owner engagement to ensure the removal of vulnerabilities from mobile and embedded technology solutions. This individual will be directly responsible for mobile and embedded vulnerability research, analysis, categorization, and communication of risks posed in the context of these technologies. This is a technical hands-on role that will utilize your mobile application development and security skills.
- Perform security code reviews encompassing application development (e.g., web, mobile).
- Perform analysis of 3rd party and in-house or enterprise mobile apps and produce report output based on the results.
- Leverage industry data standards and practices, including OWASP Mobile Top 10, CWE, PCI-DSS, MAPP-SRG, and common platform guidelines from Apple and Google.
- Maintain, execute, and refine processes to monitor, collect, and update information about threats and vulnerabilities for input into a continuous vulnerability remediation process.
- Review source code from a security perspective and produce recommendations and best practices outputs in various formats
- Leverage developer tools, such as Xcode, Eclipse, or Android Studio to perform reviews and perform analysis leveraging file system forensics and network analysis expertise in Wireshark and Burp
- Apply custom scripts to automate the collection and formatting of data, and use experience working in past mobile development efforts to provide optimizations to current app review process
- Participate in a collaborative team within dynamic, fast-paced, high-collaboration environment
- BA/BS in Engineering, Computer Science, Information Security, or related work experience
- 1 - 3 years of experience developing web and mobile applications preferred
- 3+ years of professional experience
- Experience with iOS or Android SDKs frameworks and software architecture
- Proven experience with vulnerability assessment tools such as Fortify Source Code Analyzer or equivalent tools
- Strong written and oral communication skills
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, or disability status.
PepsiCo is an equal opportunity employer Minorities/Females/People with Disabilities/Protected Veterans/Sexual Orientation/Gender Identity.
If you'd like more information about your EEO rights as an applicant under the law, please download the available EEO is the Law (http://pep.jobs/eeo-poster) & EEO is the Law Supplement (http://pep.jobs/eeo-poster-supplement) documents by copying and pasting the appropriate URL in the address bar of your web browser.
To view our Pay Transparency Statement, please click here: Pay Transparency StatementJob Ref: 109463BR",
Performance with Purpose
Out performing ourselves is a rush. That's why we perform with purpose. Together, we blaze new trails, succeed, celebrate and then do something even bigger. We never settle for second best. At PepsiCo we're not just committed to performing well as individuals, but as a team, to strengthen the company as a whole.
Around the world, we're working hard to give people the tastes they crave and the nutrition they need. We dream globally and act locally, constantly innovating to sustain our planet, our people, our communities and our business practices. New markets mean new ways of doing business, and new ways of addressing health concerns, cultural differences and environmental challenges. Every day is an adventure, and an opportunity for personal and professional growth.