Senior Cloud Security Operations Analyst

Job ID: 22326 

Pega is The Enterprise Transformation Company that helps organizations Build for Change with enterprise AI decisioning and workflow automation. We offer a commercial SaaS version of our industry-leading platform to our global clients. Pega was recently recognized as one of the "Top 10 Tech Winners For The AI Revolution" by industry analysts and just hit a huge milestone of joining the S&P MidCap 400. On the frontlines of this success is the Pega Cloud Security Operations Center (CSOC). Our team of information security professionals is charged to protect Pega's commercial cloud assets and offerings. We accomplish this by creatively working to deter, detect, deny, delay, and defend against internal and external security threats. The CSOC provides monitoring, detection, and incident response services for Pega Cloud.

As a Senior Cloud Security Operations Analyst, you will play a critical role in ensuring the confidentiality, integrity, and availability of Pega's commercial cloud infrastructure and assets. You will be key in the continuous monitoring and protection of all global cloud security operations at Pega as well as an active participant in incident response efforts. As a key member of a team consisting of highly capable and talented problem-solving analysts and engineers, you'll help develop processes that drive proactive, automated detection and incident response tactics to support the quick resolution of cloud security events and incidents. 

You will accomplish this by collaborating with cross-functional teams – including other security analysts, threat detection engineers, vulnerability analysts, security engineers, system administrators, and developers – to proactively identify potential security risks and vulnerabilities within our cloud environment. You will leverage your strong analytical skills to assess and prioritize threats, applying your knowledge of industry best practices and cloud security frameworks. As a Senior Cloud Security Operations Analyst at Pega, you'll contribute to the success of our globally recognized brand. Your efforts will directly impact the security and trust our clients place in us, as we help them transform their business processes and drive meaningful digital experiences. 

So, picture yourself at Pega, where your expertise in cloud security is valued, and your passion for protecting data is celebrated. Join us in shaping the future of secure cloud operations and make a lasting impact on the world of technology.

•    Perform security monitoring of Pega Cloud commercial environments using multiple security tools/dashboards including our SIEM platform

•    Perform security investigations to identify indicators of compromise (IOCs) and better protect Pega Cloud and our clients from unauthorized or malicious activity

•    Actively contribute to incident response activities as we identify, contain, eradicate, and recover

•    Contribute to standard operating procedures (SOPs) and policy development for CSOC detection and analysis tools and methodologies

•    Assist in the development of playbooks for use by analysts to investigate both high confidence and anomalous activity
Occasionally:

•    Perform threat hunts for adversarial activities within Pega Cloud to identify evidence of attacker presence that may have not been identified by existing detection mechanisms

•    Assist the threat detection team in developing high confidence Splunk notables focused on use cases for known and emerging threats, based on hypotheses derived from the Pega threat landscape

•    Assist in the development of dashboards, reports, and other non-alert based content to maintain and improve situational awareness of Pega Cloud's security posture

•    Assist in enhancing security incident response plans (IRPs), conducting thorough investigations, and recommending remediation measures to prevent future incidents.

You have an insatiable curiosity with an inborn tenacity for finding creative ways to deter, detect, deny, delay, and defend against bad actors of all shapes and sizes. You have been in the "security trenches" and you know what an efficient security operations center looks like. You have conducted in-depth analyses of various security events/alerts, contributed to incident response efforts, and developed new methods for detecting and mitigating badness wherever you see it. You bring a wealth of cloud security experience to the table and are ready to harness that expertise to dive into cloud-centric, technical analysis and incident response to make Pega Cloud the most secure it can be. 
 
You have a history of success in the information security industry. Your list of accolades include:

•    SANS, Offensive Security, or other top-tier industry recognized technical security certifications focused on analysis, detection, and/or incident response

•    Industry recognition for identifying security gaps to secure applications or products

Your background and competencies include:

•    4+ years of industry-relevant experience, with a demonstrated working knowledge of cloud architecture, infrastructure, and resources, along with the associated services, threats, and mitigations.

•    3+ years in operational SIEM (Security Information and Event Management) roles, focusing on analysis, investigations, and incident response, particularly with Splunk Enterprise Security (ES) and Google Chronicle/SecOps. 

•    3+ years of operational experience with EDR/XDR platforms and related analysis and response techniques

•    2+ years of operational cloud security experience – preferably AWS and/or GCP – including knowledge and analysis of various cloud logs such as CloudTrail, Cloud Audit, GuardDuty, Security Command Center, VPCFlow, and WAF logs. 

•    A solid foundational understanding of computer, OS (Linux/Windows), and network architecture concepts, and various related exploits/attacks

•    Excellent verbal and written communication skills, including poise in high pressure situations

•    A demonstrated ability to work in a team environment and foster a healthy, productive team culture

It Would be Nice if You Also Have:

•    Solid working knowledge of MITRE ATT&CK framework and the associated TTP's and how to map detections against it, particularly the cloud matrix portion

•    Familiarity with the OWASP Top 10 vulnerabilities and best practices for mitigating these security risks.

•    Operational experience performing investigations and incident response within Linux and Windows hosts as well as AWS, GCP, and related Kubernetes environments (EKS/GKE)

•    Experience developing standard operating procedures (SOPs), incident response plans, runbooks/playbooks for repeated actions, and security operations policies

•    Experience with Python, Linux shell/bash, and PowerShell scripting is a plus

•    A Bachelor's degree in Cybersecurity, Computer Science, Data Science, or related field

•    A robust global benefits program including a competitive pay + bonus incentive and Employee Equity in the company

•    An innovative, inclusive, agile, flexible, and fun work environment full of opportunities to learn and grow

•    At Pega, we believe in continuous learning and growth. You will have access to cutting-edge technologies and training resources, allowing you to stay at the forefront of cloud security.

•    Pega's culture fosters collaboration, innovation, and work-life balance. You'll participate in team-building activities and engage in open discussions during daily/weekly team meetings

•    You will have the flexibility to work remotely when needed, allowing you to maintain a healthy work-life integration

•    Gartner Analyst acclaimed technology leadership across our categories of products

#LI-ME1

AI in Action – Pega embraces the power of artificial intelligence. We encourage all employees to actively engage with AI technologies and continually explore ways to responsibly integrate AI into our products and processes.

Culture – At Pegasystems, we foster an environment where people feel valued and empowered to contribute their best. With global clients across industries and regions, we know our success depends on the unique perspectives, experiences, and talents of our people. Ours is a workplace where everyone can grow, collaborate, and deliver meaningful outcomes.

We encourage candidates from all backgrounds and experiences and focus on the core competencies and mindset needed to thrive in a role.

As an Equal Opportunity employer, Pegasystems will not discriminate in its employment practices due to an applicant's race, color, religion, sex, sexual orientation, gender identity, national origin, age, genetic information, veteran or disability status, or any other category protected by law.

Export Compliance – For positions requiring access to technical data subject to export control regulations such as this, Pegasystems may need to obtain export license approval from the U.S. Government and EU Authorities for certain individuals.

Accommodations – If you require reasonable accommodations under the Americans with Disabilities Act (US only) or comparable regional regulations in completing this application, interviewing, completing any pre-employment testing, or otherwise participating in the employee selection process, please contact us here or contact (US only PEGA-NOW and/or 225 Wyman Street Waltham, MA 02451 ATTN: Benefits.

Labor Condition Applications
GDPR Candidate Privacy Notice
Pegasystems Limited UK Gender Pay Gap Statement
EEO/AA Policy Statement
Know Your Rights: Workplace Discrimination is Illegal
Pay Transparency Policy Statement
Your Employee Rights Under the Family and Medical Leave Act
E-Verify Notice
Employee Polygraph Protection Act Rights