Overview

Work with engineering teams to develop and improve our CI / CD pipelines that enforce proper versioning and branching practices using technologies like Github, Github Actions, ArgoCD, Kubernetes, Docker and Terraform. Create, deploy & maintain Kubernetes based platforms for a variety of different workloads in AWS and Azure.

Responsibilities

• Implement and manage threat detection protocols, processes and systems.
• Conduct regular vulnerability assessments and ensure timely remediation of flagged incidents.
• Ensure compliance with internal security policies and external regulations like PCI.
• Lead the integration of security tools such as Wiz, Snyk, DataDog and others within the Pepsico infrastructure.
• Automate security processes using tools like Cloud Custodian, Kubernetes, and Terraform.
• Monitor security alerts and incidents, ensuring timely resolution.
• Work closely with IT, development, and compliance teams to implement and uphold security measures.
• Coordinate with PepsiCo's broader security teams to align Digital Commerce security practices with corporate standards.
• Provide security expertise and support to various teams within the organization.
• Advocate and enforce security best practices, such as RBAC and the principle of least privilege.
• Educate and train staff on security protocols and practices.
• Continuously review, improve and document security policies and procedures.

Qualifications

• 2+ years of experience deploying secure infrastructure to Azure platforms, AWS platforms, and GCP, using tooling like AWS security HUB and/or Azure Cloud Security Posture Management.
• 2+ years of experience in automating infrastructure and security processes using Terraform, Cloud Custodian, or Kubernetes
• 3+ years of experience with threat detection systems and conducting vulnerability assessments (eg Splunk, Tenable Nessus, Qualys)
• 2+ years of experience in developing and maintaining incident response protocols (eg JIRA (for incident tracking), PagerDuty, Sumo Logic)
• 3+ years of experience in ensuring compliance with internal security policies and external regulations (eg AWS Cloud Compliance, Azure Policy, GCP Compliance Center, Cloud Custodian, OPA)
• 2+ years of experience integrating and managing security tools within high uptime environment. (eg Wiz, Snyk, DataDog)
• 3+ years of experience with Python or similar programming languages
• 3+ years of experience with Git, Gitlab or GitHub.
• Current skills in following technologies:
• Kubernetes
• Terraform
• AWS or Azure (Azure Preferred).
• GitHub Actions or Gitlab workflow.
• DataDog SIEM or Splunk.
• Cloud Custodian or OPA (or equivalent)
• SAST software (Snyk, WIZ preferred)
• AWS IAM, Azure AD, Okta
• 1+ year of Kubernetes, ideally running workloads in a production environment.
• Good understanding of software development lifecycle.
• CISSP, CCSP, CISM, CDP certs are a plus