OverviewWork with engineering teams to develop and improve our CI / CD pipelines that enforce proper versioning and branching practices using technologies like Github, Github Actions, ArgoCD, Kubernetes, Docker and Terraform.
Create, deploy & maintain Kubernetes based platforms for a variety of different workloads in AWS and Azure.
Responsibilities- Implement and manage threat detection protocols, processes and systems.
- Conduct regular vulnerability assessments and ensure timely remediation of flagged incidents.
- Ensure compliance with internal security policies and external regulations like PCI.
- Lead the integration of security tools such as Wiz, Snyk, DataDog and others within the Pepsico infrastructure.
- Automate security processes using tools like Cloud Custodian, Kubernetes, and Terraform.
- Monitor security alerts and incidents, ensuring timely resolution.
- Work closely with IT, development, and compliance teams to implement and uphold security measures.
- Coordinate with PepsiCo's broader security teams to align Digital Commerce security practices with corporate standards.
- Provide security expertise and support to various teams within the organization.
- Advocate and enforce security best practices, such as RBAC and the principle of least privilege.
- Educate and train staff on security protocols and practices.
- Continuously review, improve and document security policies and procedures.
Qualifications- 2+ years of experience deploying secure infrastructure to Azure platforms, AWS platforms, and GCP, using tooling like AWS security HUB and/or Azure Cloud Security Posture Management.
- 2+ years of experience in automating infrastructure and security processes using Terraform, Cloud Custodian, or Kubernetes
- 3+ years of experience with threat detection systems and conducting vulnerability assessments (eg Splunk, Tenable Nessus, Qualys)
- 2+ years of experience in developing and maintaining incident response protocols (eg JIRA (for incident tracking), PagerDuty, Sumo Logic)
- 3+ years of experience in ensuring compliance with internal security policies and external regulations (eg AWS Cloud Compliance, Azure Policy, GCP Compliance Center, Cloud Custodian, OPA)
- 2+ years of experience integrating and managing security tools within high uptime environment. (eg Wiz, Snyk, DataDog)
- 3+ years of experience with Python or similar programming languages
- 3+ years of experience with Git, Gitlab or GitHub.
- Current skills in following technologies:
- Kubernetes
- Terraform
- AWS or Azure (Azure Preferred).
- GitHub Actions or Gitlab workflow.
- DataDog SIEM or Splunk.
- Cloud Custodian or OPA (or equivalent)
- SAST software (Snyk, WIZ preferred)
- AWS IAM, Azure AD, Okta
- 1+ year of Kubernetes, ideally running workloads in a production environment.
- Good understanding of software development lifecycle.
- CISSP, CCSP, CISM, CDP certs are a plus
