Senior Cloud Security Engineer

Meet Our Team:

Cloud Security Engineering (CSE) is responsible for designing, implementing, and maintaining security measures to protect organization's cloud infrastructure, applications, and data. We develop security policies, perform assessments, configure tools, and provide guidance to ensure secure cloud environments. CSE partners closely with the Cloud Service Reliability and Cloud Engineering teams to ensure every solution is secure, reliable, available, and observable.

Picture Yourself at Pega:

You will be part of a highly innovative company changing how companies work and optimize their outcomes. In this role you will be part of a highly collaborative team that is well versed and skilled in their space. You will be an adaptive/flexible change agent driving data driven decisioning while seeing the benefits of your hard work turn into business outcomes.

What You'll Do at Pega:

As a Senior  Cloud Security Engineer at Pega, you will play a critical role in protecting our cloud platforms, applications, and infrastructure at scale. You will focus on building security-first solutions across AWS/GCP, Kubernetes environments, and endpoint detection platforms, while driving automation through modern engineering practices.
Your responsibilities will include:
• Design and implement cloud-native security controls across AWS and GCP, leveraging services such as IAM, GuardDuty, AWS Config and GCP SCC.
• Build and operate “Security as a Service” platforms to enable scalable, reusable security capabilities as part of provisioning.
• Develop automation/service using Golang and Python to improve Pega Cloud security posture.
• Deploy, integrate, and optimise EDR/XDR solutions (Trend Micro, CrowdStrike) to enhance endpoint and workload protection.
• Secure and operate containerised workloads and Kubernetes environments, ensuring best practices in runtime protection and network controls.
• Configure security alerts, investigate incidents, and lead response activities across cloud and endpoint environments.
• Define and maintain security policies, standards, and guardrails aligned to DevSecOps and enterprise security frameworks.
• Collaborate with engineering teams to embed security into CI/CD pipelines and SDLC processes.
• Solve complex security challenges and drive end-to-end implementation of scalable solutions.
• Stay current on emerging threats, vulnerabilities, and industry best practices in cloud and endpoint security.

Who You Are:

• Strong expertise in AWS security services (IAM, VPC security, GuardDuty, Security Hub, Config, etc.) and working knowledge of GCP security.
• Hands-on experience with EDR/XDR tools such as Trend Micro or CrowdStrike for threat detection and response.
• Solid experience securing Kubernetes and container platforms (runtime security, network policies, image scanning).
• Proficient in development and scripting using Golang and Python, with a strong focus on security automation.
• Experience with Infrastructure-as-Code tools like Terraform and CloudFormation.
• Familiarity with security tooling including vulnerability scanners, CSPM, storage scanning, and continuous monitoring solutions.
• Strong understanding of DevSecOps, CI/CD pipelines (Jenkins, Git, etc.), and secure SDLC practices.
• Good knowledge of Linux systems, networking, and cloud-native architectures.
• Strong analytical mindset with excellent collaboration and communication skills.

What You've Accomplished:

Required Qualifications
• Bachelor’s or Master’s degree in Computer Science, Information Security, or a related field.
• 4+ years of experience in cloud security engineering, with strong exposure to AWS (and/or GCP).
• Proven experience working with EDR/XDR platforms (Trend Micro, CrowdStrike or similar).
• Hands-on experience in cloud security engineering, Kubernetes security, and container ecosystems.
• Strong programming and automation skills using Golang and Python.
• Experience integrating security into DevOps pipelines and CI/CD workflows.
• Experience building or integrating systems using APIs and microservices architectures.
• Experience with infrastructure automation (Terraform, CloudFormation).
Desired Qualifications
·       Familiarity with AI-assisted development tools and platforms (e.g., GitHub Copilot, Claude Code, or similar) to improve productivity, code quality, and security automation.
• Experience with SIEM/log management platforms and security analytics.
• Exposure to advanced detection engineering, threat hunting, or security automation frameworks.
• Certifications such as AWS Security Specialty, CCSP, or GCP Professional Cloud Security Engineer.
• Awareness of compliance frameworks and security governance standards.

Pega Offers You:

• Gartner Analyst acclaimed technology leadership across our categories of products
• Continuous learning and development opportunities
• An innovative, inclusive, agile, flexible, and fun work environment
• Competitive global benefits program inclusive ofpay + bonus incentive, employee equity in the company

• #LI-SK1