JOBSEARCHER

Cloud Security Engineer

ARCHIVED

We can't find an active application page for this role right now. It may reopen or be listed elsewhere. Use Next Steps to search for an active apply link and similar live jobs.

Search All Jobs Cloud Security Engineer Job Category: Engineering & CloudLocation: US - Virginia - Dulles Apply now Share Share via Facebook Share via X Share via LinkedIn Share via Email Copying... Copied! Meet Our Team:This team is part of Pega’s Cloud Cybersecurity organization within the Cloud Cybersecurity Operations tribe. We help build and operate the security controls, automation, and response capabilities that protect Pega's cloud environments, including FedRAMP-regulated government infrastructure, commercial AWS, and multi-cloud platforms. We work across IAM, vulnerability management, compliance automation, SOAR response actions, and AI-driven security tooling. Engineers on this team own their domains end-to-end: design, build, operate, and iterate.Due to the nature of the role's work with FedRamp, US Citizenship is requiredPicture Yourself At Pega:You'll be a part owner of Pega's FedRamp/cloud environment, responsible for both day-to-day operational security and sprint-based feature delivery. You'll work alongside peers delivering AI-driven remediation pipelines, identity automation, and cloud security tooling, and are expected to contribute to that innovation work alongside your responsibilities.This is an engineering role. You write code, build automation, operate regulated infrastructure, and ship features, not just process tickets.What You'll Do At Pega:Access Governance & Identity Operations (30%)Own Okta administration for PCFG and Commercial environments: MFA resets, account provisioning, Okta Verify troubleshooting, policy enforcementManage IAM roles, permission boundaries, deployment entitlements, and access reviews across PCFG accounts (CloudOps, Jenkins, deployment pipelines)Build and maintain entitlement automation workflows for joiner/mover/leaver processesSupport SailPoint quarterly certifications and access request workflows; contribute to AI-assisted certification automationVulnerability Scanning & Remediation (25%)Operate Nessus/Tenable and Netsparker scanning across PCFG RnD and PCFG ProdRespond to audit scan requests (UKCE, SOC, FedRAMP assessors) with findings and evidenceTrack and ensure zero high-severity findings outstanding beyond 30 daysCompliance Patching & BAU (25%)Execute FedRAMP Control Plane patching cycle every sprint — mandatory compliance obligation, non-negotiableExecute PCFG RnD OS automated patching and validate Commercial environment patches (SailPoint, PingCastle)Maintain patch compliance metrics; escalate blockers before sprint closeContribute to SSM Patch Manager automation to reduce manual patching overhead over timeCloud Infrastructure & Automation Engineering (20%)Build infrastructure automation: Control Tower account provisioning, PCFG account lifecycle, CloudFormation role deploymentDevelop SSM Patch Manager alerting and role infrastructureRespond to ad-hoc infrastructure requests: IAM policy changes, Global Accelerator, Lambda roles, Bedrock model enablementContribute to team-wide AI-driven remediation features — SOAR response actions, AWS Config automation, and AI intake toolingWhat You've Accomplished:3+ years in cloud security engineering or a closely adjacent role; hands-on with AWS (IAM, CloudFormation, SSM, Inspector, Config, GuardDuty)Experience operating in a FedRAMP or similarly regulated environment, you understand what compliance-driven delivery looks likeProficient with identity platforms: Okta administration, SailPoint or equivalent IGA toolingComfortable writing automation: Python, shell, CloudFormation/Terraform, you don't wait for someone else to build the scriptFamiliar with vulnerability scanning tools (Nessus/Tenable, Netsparker, or AWS Inspector)You operate well in a team that splits time between BAU obligations and feature delivery, context-switching is part of the jobExposure to SOAR platforms (Chronicle SecOps, Siemplify, or similar) is a plusExperience with GitHub-based CI/CD pipelines,you're comfortable with PR-gated workflows, GitHub Actions, and treating infrastructure and security content as code that gets reviewed before it shipsYou use AI tools (Copilot, ChatGPT, or similar) as part of how you build, scaffolding automation, generating test cases, accelerating repetitive engineering work and you know how to validate what comes outPega Offers You:Gartner Analyst acclaimed technology leadership across our categories of productsContinuous learning and development opportunitiesAn innovative, inclusive, agile, flexible, and fun work environmentCompetitive global benefits program inclusive of pay + bonus incentive, employee equity in the company () Additional InformationBase salary range for this role is 86,700 - 129,600 USD annually. This role may also be eligible for annual bonus OR commission, as well as benefits and other incentives.The final compensation will be determined during the offer process based on the candidate's education, experience, skills, and qualifications, as well as market conditions and may vary from the posted range. We will share an information on benefits, bonus/commission, and other pay components for this role at the relevant recruitment stage.Job ID: 23853Ready to build a Blueprint?Choose the reinvention engine for your needs.For workflows & app designReimagine your processes and turn any workflow into a build-ready application with confidence.Pega Blueprint™For marketing & CX strategy designVisualize customer journeys and engagement strategies across all touchpoints and activate them.Pega Customer Engagement Blueprint™Additional InformationBase salary range for this role is 86,700 - 129,600 USD annually. This role may also be eligible for annual bonus OR commission, as well as benefits and other incentives.The final compensation will be determined during the offer process based on the candidate's education, experience, skills, and qualifications, as well as market conditions and may vary from the posted range. We will share an information on benefits, bonus/commission, and other pay components for this role at the relevant recruitment stage.Job ID: 23853