Cloud Security Engineer
$86.7k - $129.6kPegasystems Inc
Cloud Security Engineer
Job Category: Engineering & Cloud
Location: US - Virginia - Sterling
Meet Our Team:
This team is part of Pega’s Cloud Cybersecurity organization within the Cloud Cybersecurity Operations tribe. We help build and operate the security controls, automation, and response capabilities that protect Pega's cloud environments, including FedRAMP-regulated government infrastructure, commercial AWS, and multi-cloud platforms. We work across IAM, vulnerability management, compliance automation, SOAR response actions, and AI-driven security tooling. Engineers on this team own their domains end-to-end: design, build, operate, and iterate.
Due to the nature of the role's work with FedRamp, US Citizenship is required
Picture Yourself at Pega:
You'll be a part owner of Pega's FedRamp/cloud environment, responsible for both day-to-day operational security and sprint-based feature delivery. You'll work alongside peers delivering AI-driven remediation pipelines, identity automation, and cloud security tooling, and are expected to contribute to that innovation work alongside your responsibilities.
This is an engineering role. You write code, build automation, operate regulated infrastructure, and ship features, not just process tickets.
What You'll Do at Pega:
Access Governance & Identity Operations (30%)
Own Okta administration for PCFG and Commercial environments: MFA resets, account provisioning, Okta Verify troubleshooting, policy enforcement
Manage IAM roles, permission boundaries, deployment entitlements, and access reviews across PCFG accounts (CloudOps, Jenkins, deployment pipelines)
Build and maintain entitlement automation workflows for joiner/mover/leaver processes
Support SailPoint quarterly certifications and access request workflows; contribute to AI-assisted certification automation
Vulnerability Scanning & Remediation (25%)
Operate Nessus/Tenable and Netsparker scanning across PCFG RnD and PCFG Prod
Respond to audit scan requests (UKCE, SOC, FedRAMP assessors) with findings and evidence
Track and ensure zero high-severity findings outstanding beyond 30 days
Compliance Patching & BAU (25%)
Execute FedRAMP Control Plane patching cycle every sprint — mandatory compliance obligation, non-negotiable
Execute PCFG RnD OS automated patching and validate Commercial environment patches (SailPoint, PingCastle)
Maintain patch compliance metrics; escalate blockers before sprint close
Contribute to SSM Patch Manager automation to reduce manual patching overhead over time
Cloud Infrastructure & Automation Engineering (20%)
Build infrastructure automation: Control Tower account provisioning, PCFG account lifecycle, CloudFormation role deployment
Develop SSM Patch Manager alerting and role infrastructure
Respond to ad-hoc infrastructure requests: IAM policy changes, Global Accelerator, Lambda roles, Bedrock model enablement
Contribute to team-wide AI-driven remediation features — SOAR response actions, AWS Config automation, and AI intake tooling
What You've Accomplished:
3+ years in cloud security engineering or a closely adjacent role; hands-on with AWS (IAM, CloudFormation, SSM, Inspector, Config, GuardDuty)
Experience operating in a FedRAMP or similarly regulated environment, you understand what compliance-driven delivery looks like
Proficient with identity platforms: Okta administration, SailPoint or equivalent IGA tooling
Comfortable writing automation: Python, shell, CloudFormation/Terraform, you don't wait for someone else to build the script
Familiar with vulnerability scanning tools (Nessus/Tenable, Netsparker, or AWS Inspector)
You operate well in a team that splits time between BAU obligations and feature delivery, context-switching is part of the job
Exposure to SOAR platforms (Chronicle SecOps, Siemplify, or similar) is a plus
Experience with GitHub-based CI/CD pipelines,you're comfortable with PR-gated workflows, GitHub Actions, and treating infrastructure and security content as code that gets reviewed before it ships
You use AI tools (Copilot, ChatGPT, or similar) as part of how you build, scaffolding automation, generating test cases, accelerating repetitive engineering work and you know how to validate what comes out
Pega Offers You:
Gartner Analyst acclaimed technology leadership across our categories of products
Continuous learning and development opportunities
An innovative, inclusive, agile, flexible, and fun work environment
Competitive global benefits program inclusive of pay + bonus incentive, employee equity in the company(#LI-KH2)
Additional Information
Base salary range for this role is 86,700 - 129,600 USD annually. This role may also be eligible for annual bonus OR commission, as well as benefits and other incentives.
The final compensation will be determined during the offer process based on the candidate's education, experience, skills, and qualifications, as well as market conditions and may vary from the posted range. We will share an information on benefits, bonus/commission, and other pay components for this role at the relevant recruitment stage.
Job ID: 23853
AI in Action – Responsible Use of AI in Recruitment
Pega embraces the responsible use of artificial intelligence (AI) to improve efficiency, consistency, and fairness across our business. We encourage thoughtful and ethical adoption of AI technologies that support people—not replace them. We may use AI‑enabled tools in our recruitment process. These tools are designed to assist us by providing insights and operational support.
All hiring decisions are made based on human review and judgment. You may have the right to request human review, provide additional information, or raise questions about how such tools are used.
Culture
At Pegasystems, we foster an environment where people feel valued and empowered to contribute their best. With global clients across industries and regions, we know our success depends on the unique perspectives, experiences, and talents of our people. Ours is a workplace where everyone can grow, collaborate, and deliver meaningful outcomes.
We encourage candidates from all backgrounds and experiences and focus on the core competencies and mindset needed to thrive in a role.
As an Equal Opportunity employer, Pegasystems will not discriminate in its employment practices due to an applicant's race, color, religion, sex, sexual orientation, gender identity, national origin, age, genetic information, veteran or disability status, or any other category protected by law.
Export Compliance
For positions requiring access to technical data subject to export control regulations such as this, Pegasystems may need to obtain export license approval from the U.S. Government and EU Authorities for certain individuals.
Accommodations
If you require reasonable accommodations under the Americans with Disabilities Act (US only) or comparable regional regulations in completing this application, interviewing, completing any pre-employment testing, or otherwise participating in the employee selection process,or contact (US only) 1-888-PEGA-NOW and/or 225 Wyman Street Waltham, MA 02451 ATTN: Benefits.
Ready to build a Blueprint?
Choose the reinvention engine for your needs.
For workflows & app design
Reimagine your processes and turn any workflow into a build-ready application with confidence.
For marketing & CX strategy design
Visualize customer journeys and engagement strategies across all touchpoints and activate them.
It is Pega's policy to engage, recruit, hire, promote, train, discipline, and compensate in all job classifications, without regard to race, color, sex, religion, national origin, age, disability, sexual orientation, gender identity, veteran status, or any other category protected by law.
$140k - $160k
...cybersecurity and IT support capabilities for federal civilian and defense agencies. A recognized leader in navigating technology and security challenges, Foxhole delivers mission-focused innovations to answer evolving and complex needs. Our talented employee-owners...SuggestedContract workWork experience placementWork at officeRemote workFlexible hours$120.5k - $231k
...everywhere & always. Want in? Join the #VTeamLife. What you'll be doing... The Verizon Network Security team is looking for a highly motivated and experienced Principal Engineer to join the Net-Sec Defense Organization under the Broadband Access team. You will be...SuggestedFull timeTemporary workPart timeWork experience placementWork at officeWork from homeShift work3 days per week$45k - $65k
Blu Omega LLC seeks a Junior Vulnerability Analyst to support the NIH cybersecurity operations center. This remote role is responsible for assessing and mitigating cybersecurity vulnerabilities in critical healthcare and federal systems. Candidates should demonstrate a...SuggestedRemote work$107.9k - $195.05k
...Description The Department of Homeland Security (DHS), Customs and Border Protection (CBP... ...websites, wireless, mobile/cellular, cloud, security devices, servers and workstations... ...Leidos is looking for an Application Security Engineer to support: Application Security...SuggestedWork at officeLocal areaImmediate start- ...Job Description Job Description We are seeking a highly skilled mid or senior level Linux System Security Engineer to join our team. The ideal candidate will have a strong background in Linux and networking, as well as experience in securing the systems and devices...SuggestedFull timeWork at officeImmediate start
$152.2k - $243.7k
...Job Description Information security is an integral part of Visa's corporate culture. It... ...technology teams, including Cyber Defense and Engineering. Perform proactive threat hunting to... ...as a peer. Strong understanding of cloud technologies and related security best practices...Work experience placementWork at officeLocal area- ...their missions. Our focus areas include Space, Connectivity, Cyber, Cloud, Analytics, and Research & Development. As we continue to grow, Altagrove is actively recruiting for a Cyber Security Engineer to join our energetic and entrepreneurial team that is executing on...Work at office
- ...will be responsible for identifying vulnerabilities, implementing security measures, and responding to incidents. Key Responsibilities... ...Security+, CISSP) are advantageous. Nice to Have Experience with cloud security solutions. Knowledge of regulatory compliance...
- ...Description About the Role Triple Point Security is seeking a mid-level Security Analyst... ...decisions. Understanding of cloud security and compliance considerations in... ...staff, system owners, data scientists, engineers, security personnel, and project managers...For contractorsLocal area
$107.9k - $195.05k
...Description Leidos is seeking an experienced Release Train Engineer (RTE) to join the Air Traffic Business Area within the Homeland Sector... ...capabilities, replacing aging infrastructure with scalable, cloud‑based platforms that enhance safety, resiliency, and operational...Contract workRemote work- ...in your career. Come join our team! Zantech is looking for a Cloud Programs Analyst with a Technical Backround to support a... ...their last JD - we want someone who can show it Required Security Clearance: U.S. Citizenship required. Must currently hold an...Remote jobFull time
$78.52k - $110k
.... Our specialties include cybersecurity, cloud modernization, software development, data... ...Way Insignia. The position is a mid-level Engineer role supporting the VA Office of Academic... ...to deliver low-code solutions that are secure, accessible, and compliant within the active...For contractorsTraineeshipWork at officeLocal area$98.14k - $147k
.... Our specialties include cybersecurity, cloud modernization, software development, data... ...th Way Insignia. The position is a Senior Engineer-level role supporting the VA Office of... ...technologies, ensuring all solutions are scalable, secure, and compliant within the active VA...For contractorsTraineeshipWork at officeLocal area- ...Description Job Description Description The Full Platform Test Engineer is responsible for working cross-functionally with ARC’s... ...under U.S. laws and regulations, including the National Industrial Security Program Operating Manual (NISPOM). Please note that any offer...Flexible hours
$130k - $180k
...seeking an outgoing, strategic Senior DevOps / MLOps Engineer who brings deep expertise in modern software... ...infrastructure-as-code and modern DevOps tooling. Cloud & Platform Engineering Manage, optimize, and secure cloud environments, ensuring efficient use of...Full timeContract work- ...visit us at We are seeking a DevSecOps Engineer to join our team in supporting... ..., Prometheus/Grafana and is committed to securing and streamlining software delivery and infrastructure... ..., scalability, and maintainability of cloud-based or hybrid environments supporting...Work experience placementWork at officeFlexible hours
$100k - $125k
...Description: We are searching for a DevSecOps Engineer to join our team to support a dynamic... ...and testing Develop improvements to security, availability, scalability, and performance... ...deployment to a government-supported cloud environment Experience providing production...- ...technology solutions that support the mission of federal agencies. We are seeking an experienced Oracle Integration Cloud (OIC) Developer to design and implement secure REST-based integrations between our on-premises Oracle E-Business Suite (EBS) 12.2.14 environment and an...Permanent employmentTemporary workVisa sponsorship
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Cloud Security Engineer. Be the first to apply!

