Web Application Security Technical Lead

  • Company: PepsiCo
  • Posted: August 11, 2016
  • Reference ID: 100084BR
The Application Security Lead Analyst will perform application security assessments, code reviews, and application penetration testing. This position is a great opportunity for someone with strong web application development and security skills. This is a technical hands-on role that will utilize your web application development and security skills but does not involve coding.
  • Conducting web, mobile, and application security assessments, and penetration tests. The assessments involve manual testing and analysis as well as the use of automated web application vulnerability scanning/testing tools.
  • Performing source code reviews using automated tools and manual analysis
  • Writing a formal security assessment report for each application to determine security risk, compliance with documented security standards and remediation requirements
  • Lead meetings with development teams to scope out new requests, deliver assessment results, and consult on application remediation.
  • Develop standard method and process for testing following industry best practice including OWASP testing guide
  • Is responsible for the execution and delivery of planned project deliverables and milestones


  • Bachelor Degree in Computer Science, Mathematics, Engineering or other STEM area of study preferred.
  • Proven understanding of Software Security Architecture and Design
  • 6+ years of professional experience
  • 3-5 years of experience developing and securing web applications
  • Experience performing web application security code, penetration, and analytical testing and using vulnerability testing tools.
  • Experience with JavaScript, JAVA, .NET, and J2EE based applications; knowledge of PHP, IOS, and Android
  • Proven experience with vulnerability assessment tools such as QualysGuard, Fortify Source Code Analyzer, WebInspect, Burp, etc.
  • Experience implementing controls for web and mobile applications
  • Knowledge of OWASP tools and methodologies, web application firewalls, and network security
  • Strong written and oral communication skills

Relocation Eligible

Not Eligible for Relocation

Share this Job