.OverviewAre you ready to shape the future of secure applications at PepsiCo?PepsiCo's Global Application Security Program is at the forefront of integrating automated security testing into our CI/CD pipelines and ensuring continuous monitoring to identify and manage security risks. As an Application Security Engineer, you will be responsible for driving the integration of these automated security tools into our pipelines while developing scalable full-stack solutions, middleware, and automation systems.You'll play a critical role in executing strategic application security objectives, offering expert guidance on vulnerability triage and remediation, and fostering a culture of proactive security across the organization. Our mission is to make security risks visible and actionable, ensuring vulnerabilities are addressed promptly and effectively.ResponsibilitiesYour day-to-day with us:Implementing and managing automated security tools within CI/CD pipelines, ensuring seamless integration and enhanced security posture.Integrating and operating a centralized findings management system to efficiently manage and track security vulnerabilities and remediation efforts.Defining and implementing strategies to configure automated security tools for optimal performance. You'll also establish and monitor KPIs to measure effectiveness and drive continuous improvement.Developing and maintaining greenfield automation solutions and full-stack applications to support and enhance application security.Tuning rule sets and detections for automated security tools to improve detection capabilities and reduce false positives.Providing expert guidance in triaging and remediating security vulnerabilities, and mentoring team members and engineering teams in understanding and addressing security issues.Fostering a collaborative environment that promotes knowledge sharing, and mentoring junior engineers to build a skilled security team.Continuously researching and presenting new concepts to improve the business's application security posture, staying up to date with the latest security trends and practices.Developing technical documentation such as system designs, architecture diagrams, data flows, and functional specifications.Contributing to the future state of cybersecurity by conducting technical assessments between the current and desired states across security tools and services.Developing program metrics to continuously measure progress and impact, and driving improvements.Collaborating with senior leadership and cross-functional teams, including DevOps, development teams, security operations, data & analytics, enterprise architecture, platform teams, and sector functions.Executing projects, objectives, and deliverables in alignment with the team's vision, mission, and goals.Engaging in knowledge transfer sessions, technical design reviews, security reviews, and business review meetings