
Job Description

About the Role :


As a Senior Cloud Security Operations Analyst at Pega, you will play a critical role in safeguarding our cloud infrastructure, services, and customer environments. You'll work closely with cloud engineering, DevOps, and product security teams to identify, investigate, and mitigate security risks across Pega Cloud.


This role combines hands-on technical expertise in security operations with a deep understanding of cloud-native security tools, automation, and incident response frameworks. You'll ensure the integrity, confidentiality, and availability of Pega's cloud services through proactive monitoring, threat detection, and continuous improvement of our security posture.


What You'll Do :


Cloud Security Monitoring & Threat Detection :


- Operate and enhance Pega's cloud security monitoring systems (SIEM, CSPM, CWPP, SOAR).


- Continuously monitor cloud environments (AWS, Azure, GCP) for potential security anomalies, vulnerabilities, and policy violations.


- Investigate alerts, correlate data from multiple sources, and determine root causes of incidents.


Incident Response & Forensics :


- Lead and coordinate incident triage, containment, eradication, and recovery activities for cloud security events.


- Perform log analysis, memory forensics, and root-cause investigations.


- Develop and maintain runbooks, playbooks, and escalation procedures.


Vulnerability Management & Risk Mitigation :


- Collaborate with DevOps and engineering teams to prioritize and remediate vulnerabilities identified through scans and threat intelligence.


- Perform regular risk assessments of cloud assets, applications, and infrastructure configurations.


- Maintain continuous compliance with standards such as ISO 27001, SOC 2, and FedRAMP.


Security Automation & Continuous Improvement :


- Automate routine monitoring and response workflows using tools like Python, PowerShell, or Lambda functions.


- Enhance cloud-native controls (AWS GuardDuty, Security Hub, Azure Defender) and integrate with central SIEM.


- Contribute to the design of secure CI/CD pipelines and DevSecOps best practices.


Governance, Compliance & Reporting :


- Support internal and external audits by ensuring cloud environments meet policy and regulatory requirements.


- Create security dashboards and reports highlighting threat trends, incident metrics, and risk posture improvements.


- Collaborate with architecture and compliance teams to enforce least-privilege access and policy-based governance.


Team Collaboration & Mentorship :


- Partner with cross-functional teams to embed security across the software development lifecycle.


- Mentor junior analysts on threat detection, triage techniques, and secure operations practices.


- Provide technical recommendations during post-incident reviews and security architecture discussions.


Who You Are :


- A proactive, analytical, and detail-oriented security professional with strong expertise in cloud infrastructure security.


- Adept at balancing operational efficiency with risk management and compliance in a large-scale enterprise environment.


- Passionate about automation, modern security tooling, and continuous improvement in cloud security operations.


- Strong communicator capable of translating technical threats into actionable insights for stakeholders.


What You've Accomplished :


Experience :


- 5-8 years of experience in Security Operations, Cloud Security, or Incident Response.


Technical Expertise :


- Cloud platforms : AWS (preferred), Azure, GCP.


- Security tools : Splunk, QRadar, Sentinel, Prisma Cloud, CrowdStrike, or equivalent.


- Cloud-native services : GuardDuty, Security Hub, Config, CloudTrail, CloudWatch, Defender for Cloud.


- Container and workload protection : Kubernetes, Docker, EKS/GKE/AKS.


- Vulnerability scanners : Qualys, Tenable, or Rapid7.


- Programming/Scripting : Proficiency in Python, PowerShell, or Bash for automation and integration.


- Frameworks & Standards : Familiarity with NIST, ISO 27001, SOC 2, CIS Benchmarks, and OWASP.


- Networking & OS : Solid understanding of TCP/IP, DNS, VPN, Linux, and Windows security hardening.


- Incident Management : Hands-on experience with IR frameworks (NIST 800-61) and digital forensics.


- Certifications (Preferred) : AWS Certified Security Specialty, GIAC Cloud Security Automation (GCSA), Certified Cloud Security Professional (CCSP), CISSP or equivalent.
