About PepsiCo

PepsiCo is one of the world's largest food and beverage companies, with iconic brands consumed over a billion times daily across more than 200 countries. In Mexico, PepsiCo has been a household name for over 116 years, featuring beloved brands like Sabritas, Gamesa, Quaker, Pepsi, Gatorade, and Sonrics. We foster a culture of curiosity, innovation, and inclusivity, where every individual can dare to be themselves and drive positive change. From leadership to front-line roles, PepsiCo empowers employees to shape the future while making the world a better place.

Role Overview

As an Info Security Specialist within PepsiCo's Cyber Fusion Center (CFC), you will serve as the Offensive Security Function Lead for Perimeter Security. This critical role involves leading external penetration testing, vulnerability disclosure, and red team engagements to proactively identify and mitigate cyber risks. Based in Miguel Hidalgo, Mexico City, you will drive innovation in offensive security practices, ensuring PepsiCo's global infrastructure remains resilient against evolving threats. This position demands technical expertise, strategic thinking, and a passion for cybersecurity excellence in the fast-paced food and beverage sector.

Your Impact

You will own perimeter security testing, research emerging vulnerabilities, and execute complex penetration tests across web apps, mobile, APIs, cloud, and devices. By chaining exploits, evading defenses, and automating processes, you'll expand testing coverage and report actionable insights to leadership.

Key Responsibilities

In this leadership role, your responsibilities include:

• Serving as the technical lead for perimeter security testing, including external pentests and vulnerability disclosure.
• Researching new vulnerabilities and offensive security capabilities to stay ahead of threats.
• Owning process improvements, documentation, and project completion for perimeter security functions.
• Conducting black, gray, and white box penetration tests across diverse technologies, chaining exploits as needed.
• Generating concise, actionable reports, validating remediations, and peer-reviewing for quality.
• Managing third-party pen test and red team engagements, triaging requests, and leading scoping calls.
• Supporting automation via scripting in Python, Bash, or PowerShell, and validating bug bounty findings.
• Performing OSINT, validating asset exposures, and contributing to incident response.
• Reporting metrics and KPIs to leadership while coaching junior team members.
• Collaborating with CFC teams to align on PepsiCo's security objectives.

Qualifications & Requirements

We seek seasoned professionals with:

• Bachelor's degree in information technology or related field, or equivalent experience.
• 10+ years in hands-on technical information security roles, including 4+ years in offensive security, DFIR, AppSec, or Vulnerability Management.
• 2+ years in a senior or lead offensive security role.
• Mandatory certifications: OSCP, OSCE, GPEN, GWAPT, or GXPN.
• Proficiency with tools like Burp Suite, Metasploit, Nmap, BloodHound; C2 frameworks; Linux/Windows management.
• Strong scripting (Python, Bash, PowerShell) or programming (Java, C#, C++) skills.
• Knowledge of frameworks: MITRE ATT&CK, NIST CSF, ISO 27001, CIS, OWASP.
• Experience across IT/Cybersecurity domains preferred; ability to work after-hours as needed.

Benefits & Perks

Joining PepsiCo offers unparalleled rewards:

• Competitive salary estimated at 65,000 - 95,000 MXN monthly, based on Mexico food & beverage sector rates.
• Work with globally iconic brands and a portfolio driving billions in daily consumption.
• Inclusive, welcoming culture supporting diversity in background, identity, and lifestyle.
• Comprehensive professional development, including certifications and leadership training.
• Modern office in Miguel Hidalgo, Mexico City, with collaborative Cyber Fusion Center environment.
• Health benefits, wellness programs, and employee discounts on PepsiCo products.
• Opportunities for global mobility within PepsiCo's vast network.

Career Growth

At PepsiCo, career progression is driven by your ambition. As Offensive Security Lead, you'll gain visibility with executive leadership, contribute to strategic cyber initiatives, and mentor emerging talent. With experience, advance to senior CFC roles, global security architecture, or CISO-track positions. PepsiCo invests in upskilling through certifications, conferences, and internal mobility programs, ensuring your expertise evolves with industry threats.

Why Join Us

PepsiCo Mexico is at the forefront of cybersecurity in the food and beverage industry, protecting assets that power daily lives worldwide. In Miguel Hidalgo, you'll collaborate with top-tier teams in a vibrant, innovative hub. Dare for better with us—leverage your offensive security skills to safeguard iconic brands, influence global standards, and build a rewarding career in a company that values impact over hierarchy. No matter your background, PepsiCo welcomes you to make a difference.

Role FAQs

What experience is required?

10+ years in infosec, 4+ in offensive security, with leadership experience and required certifications like OSCP.

Is this a remote role?

Primarily on-site in Miguel Hidalgo, Mexico City, with potential for hybrid flexibility and after-hours support.

What tools will I use?

Burp Suite, Metasploit, Nmap, C2 frameworks, scripting languages, and defensive monitoring tech.

How does PepsiCo support certifications?

We encourage and fund relevant certifications to keep your skills cutting-edge.

What's the team structure?

Part of the Cyber Fusion Center's Offensive Security Team, collaborating cross-functionally for PepsiCo-wide security.