Overview We Are PepsiCo Join PepsiCo and Dare for Better! We are the perfect place for curious people, thinkers and change agents. From leadership to front lines, we're excited about the future and working together to make the world a better place. Being part of PepsiCo means being part of one of the largest food and beverage companies in the world, with our iconic brands consumed more than a billion times a day in more than 200 countries. Our product portfolio, which includes 22 of the world's most iconic brands, such as Sabritas, Gamesa, Quaker, Pepsi, Gatorade and Sonrics, has been a part of Mexican homes for more than 116 years. A career at PepsiCo means working in a culture where all people are welcome. Here, you can dare to be you. No matter who you are, where you're from, or who you love, you can always influence the people around you and make a positive impact in the world. Know more: PepsiCoJobs Join PepsiCo, dare for better. Responsibilities The Opportunity: We are looking for an experienced Senior Cloud Security Engineer with extensive expertise in AWS and Azure cloud environments. The ideal candidate will have a deep understanding of cloud security, infrastructure, and automation, and will be responsible for designing and implementing secure cloud solutions. You will work on a variety of cloud services, focusing on securing and optimizing resources, protecting applications, and enhancing cloud environments with best security practices. Your Impact: As Senior Software Engineer your functions would consist of Cloud Infrastructure Security: Architect, implement, and manage secure cloud solutions on AWS and Azure cloud platforms, including resources like EC2, S3, VPC, Route53, EKS, and Container Registries. WAF & Bot Protection: Configure and manage Web Application Firewalls (WAF) and F5 bot protection to defend web applications against malicious traffic and bot attacks. AWS Advanced Shield & DDoS Protection: Implement AWS Advanced Shield for DDoS protection and configure Rate Limiting mechanisms to safeguard cloud resources from high traffic and abuse. Imperva CDN and Security Tools: Manage Imperva CDN to optimize content delivery with an added layer of security, ensuring fast and secure web access. Networking & Virtualization: Design, secure, and monitor cloud networking components, including VPC, Subnets, NAT Gateways, Security Groups, and Route53 for DNS management. Manage networking within containerized environments like EKS (Elastic Kubernetes Service). Containerization & Orchestration: Secure containerized applications using Kubernetes and Docker, with a focus on integrating Snyk and other container security tools. Logging & Monitoring: Set up cloud-native logging and monitoring services, such as CloudWatch, Azure Monitor, and third-party solutions to ensure compliance, auditability, and proactive threat detection. Open-Source Security & Pipeline Protection: Utilize open-source security tools and enforce best practices for vulnerability management. Implement SAST (Static Application Security Testing) and DAST (Dynamic Application Security Testing) within CI/CD pipelines. Infrastructure as Code (IaC): Automate cloud infrastructure provisioning and security policies using Terraform, ensuring reproducibility, consistency, and auditability. CI/CD Pipeline Security: Build and maintain CI/CD pipelines with integrated security checks, ensuring that security tools such as SonarQube, Snyk, and container vulnerability scans are part of the build and deployment process. Logging & Monitoring Tools: Implement real-time monitoring and logging using cloud-native services, such as CloudWatch, Azure Monitor, and third-party logging tools, ensuring continuous compliance and early detection of security threats. Cloud Cost Management: Monitor and optimize cloud resources for cost efficiency while maintaining strong security postures. Security Audits & Compliance: Conduct regular security audits, vulnerability assessments, and ensure that all infrastructure adheres to organizational and regulatory compliance. Qualifications Who Are We Looking For? Experience Expertise in AWS and Azure cloud platforms, including services such as EC2, S3, VPC, Route53, EKS, and S3. Strong experience with WAF, F5 bot protection, AWS Advanced Shield, Rate Limiting, and Imperva CDN. Experience securing and orchestrating Kubernetes and Docker environments. Proficiency in Terraform, Shell Scripting, and automating cloud infrastructure. Strong knowledge of CI/CD pipelines with integrated security checks and tools like SonarQube, Snyk, and vulnerability scanning. Familiarity with SAST and DAST tools for application security. Understanding of security monitoring, logging, and auditing using CloudWatch, Azure Monitor, and similar tools. In-depth knowledge of networking security, such as VPC, Security Groups, and Route53. Strong problem-solving skills with the ability to identify and mitigate security threats. If this is an opportunity that interests you, we encourage you to apply even if you do not meet 100% of the requirements. What can you expect from us:   Opportunities to learn and develop every day through a wide range of programs. Internal digital platforms that promote self-learning. Development programs according to Leadership skills. Specialized training according to the role. Learning experiences with internal and external providers. We love to celebrate success, which is why we have recognition programs for seniority, behavior, leadership, moments of life, among others. Financial wellness programs that will help you reach your goals in all stages of life. A flexibility program that will allow you to balance your personal and work life, adapting your working day to your lifestyle. And because your family is also important to us, they can also enjoy benefits such as our Wellness Line, thousands of Agreements and Discounts, Scholarship programs for your children, Aid Plans for different moments of life, among others.   We are an equal opportunity employer and value diversity at our company. We do not discriminate based on race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. We respect and value diversity as a work force and innovation for the organization.