Overview:
The Application Security Engineer plays a pivotal role in leading the charge to integrate automated security testing into our CI/CD pipelines to enable continuously monitoring of application risks. You will be at the forefront of developing full-stack applications and automation solutions that directly enhance our security posture. Your mission will be to build and manage tools and capabilities that make security findings visible and actionable. You’ll guide teams in triage and remediation, configure and optimize automated security tools, and foster a proactive security culture across the organization. This role is for someone passionate about building scalable software solutions and driving real impact by embedding security seamlessly into the development lifecycle. You're a part of an application security team in Poland with a manager in our site in Plano, Texas.
Why should you join this team?
you will have maximum autonomy & 100% ownership
this is a high-impact role which will affect all future applications at Pepsi Co
How do we work and what do we offer?
we work in a hybrid model (1 day per week from the office in Warsaw, Plac Konesera)
we offer a contract of employment
the most important benefits of this position: annual bonus, private healthcare, life insurance, Multisport, private pension plan, employee assistance program
Responsibilities:
What are your daily tasks?
you're developing and maintaining full-stack applications and automation tools to support security testing in CI/CD pipelines.
you're building and managing systems that track, report, and centralize key security metrics and findings.
you're customizing and tuning detection rules for automated security tools to enhance detection accuracy and reduce false positives.
you're helping drive triage efforts, providing clear guidance on remediation to cross-functional teams.
you're implementing and integrating generative AI technology to revolutionize application security.
you're playing a crucial role in shaping the security framework and practices within the organization, impacting thousands of developers and a multitude of applications globally
you're engaging in continuous research to stay abreast of the latest trends and developments in application security and software development
Technologies & tools we use: Microsoft Azure, Git Hub Enterprise, DAST/SAST/Secret/SCA/Container scanning (Invicti/Semgrep/Snyk), API security (Noname), Web application Firewall (Imperva WAF), Python/Typescript/Go
Qualifications:
What will you bring to the team?
3-4 years of relevant experience
working experience in Python / C# / Go / Java or any modern programming languages
experience in full-stack development
exceptional problem-solving skills, with a creative and innovative mindset