Cloud Security Engineer
$86.7k - $129.6kPegasystems
Cloud Security Engineer
Job Category: Engineering & Cloud
Location: US - Virginia - Dulles
Meet Our Team:
This team is part of Pega’s Cloud Cybersecurity organization within the Cloud Cybersecurity Operations tribe. We help build and operate the security controls, automation, and response capabilities that protect Pega's cloud environments, including FedRAMP-regulated government infrastructure, commercial AWS, and multi-cloud platforms. We work across IAM, vulnerability management, compliance automation, SOAR response actions, and AI-driven security tooling. Engineers on this team own their domains end-to-end: design, build, operate, and iterate.
Due to the nature of the role's work with FedRamp, US Citizenship is required
Picture Yourself at Pega:
You'll be a part owner of Pega's FedRamp/cloud environment, responsible for both day-to-day operational security and sprint-based feature delivery. You'll work alongside peers delivering AI-driven remediation pipelines, identity automation, and cloud security tooling, and are expected to contribute to that innovation work alongside your responsibilities.
This is an engineering role. You write code, build automation, operate regulated infrastructure, and ship features, not just process tickets.
What You'll Do at Pega:
Access Governance & Identity Operations (30%)
Own Okta administration for PCFG and Commercial environments: MFA resets, account provisioning, Okta Verify troubleshooting, policy enforcement
Manage IAM roles, permission boundaries, deployment entitlements, and access reviews across PCFG accounts (CloudOps, Jenkins, deployment pipelines)
Build and maintain entitlement automation workflows for joiner/mover/leaver processes
Support SailPoint quarterly certifications and access request workflows; contribute to AI-assisted certification automation
Vulnerability Scanning & Remediation (25%)
Operate Nessus/Tenable and Netsparker scanning across PCFG RnD and PCFG Prod
Respond to audit scan requests (UKCE, SOC, FedRAMP assessors) with findings and evidence
Track and ensure zero high-severity findings outstanding beyond 30 days
Compliance Patching & BAU (25%)
Execute FedRAMP Control Plane patching cycle every sprint — mandatory compliance obligation, non-negotiable
Execute PCFG RnD OS automated patching and validate Commercial environment patches (SailPoint, PingCastle)
Maintain patch compliance metrics; escalate blockers before sprint close
Contribute to SSM Patch Manager automation to reduce manual patching overhead over time
Cloud Infrastructure & Automation Engineering (20%)
Build infrastructure automation: Control Tower account provisioning, PCFG account lifecycle, CloudFormation role deployment
Develop SSM Patch Manager alerting and role infrastructure
Respond to ad-hoc infrastructure requests: IAM policy changes, Global Accelerator, Lambda roles, Bedrock model enablement
Contribute to team-wide AI-driven remediation features — SOAR response actions, AWS Config automation, and AI intake tooling
What You've Accomplished:
3+ years in cloud security engineering or a closely adjacent role; hands-on with AWS (IAM, CloudFormation, SSM, Inspector, Config, GuardDuty)
Experience operating in a FedRAMP or similarly regulated environment, you understand what compliance-driven delivery looks like
Proficient with identity platforms: Okta administration, SailPoint or equivalent IGA tooling
Comfortable writing automation: Python, shell, CloudFormation/Terraform, you don't wait for someone else to build the script
Familiar with vulnerability scanning tools (Nessus/Tenable, Netsparker, or AWS Inspector)
You operate well in a team that splits time between BAU obligations and feature delivery, context-switching is part of the job
Exposure to SOAR platforms (Chronicle SecOps, Siemplify, or similar) is a plus
Experience with GitHub-based CI/CD pipelines,you're comfortable with PR-gated workflows, GitHub Actions, and treating infrastructure and security content as code that gets reviewed before it ships
You use AI tools (Copilot, ChatGPT, or similar) as part of how you build, scaffolding automation, generating test cases, accelerating repetitive engineering work and you know how to validate what comes out
Pega Offers You:
Gartner Analyst acclaimed technology leadership across our categories of products
Continuous learning and development opportunities
An innovative, inclusive, agile, flexible, and fun work environment
Competitive global benefits program inclusive of pay + bonus incentive, employee equity in the company(#LI-KH2)
Additional Information
Base salary range for this role is 86,700 - 129,600 USD annually. This role may also be eligible for annual bonus OR commission, as well as benefits and other incentives.
The final compensation will be determined during the offer process based on the candidate's education, experience, skills, and qualifications, as well as market conditions and may vary from the posted range. We will share an information on benefits, bonus/commission, and other pay components for this role at the relevant recruitment stage.
Job ID: 23853
AI in Action – Responsible Use of AI in Recruitment
Pega embraces the responsible use of artificial intelligence (AI) to improve efficiency, consistency, and fairness across our business. We encourage thoughtful and ethical adoption of AI technologies that support people—not replace them. We may use AI‑enabled tools in our recruitment process. These tools are designed to assist us by providing insights and operational support.
All hiring decisions are made based on human review and judgment. You may have the right to request human review, provide additional information, or raise questions about how such tools are used.
Culture
At Pegasystems, we foster an environment where people feel valued and empowered to contribute their best. With global clients across industries and regions, we know our success depends on the unique perspectives, experiences, and talents of our people. Ours is a workplace where everyone can grow, collaborate, and deliver meaningful outcomes.
We encourage candidates from all backgrounds and experiences and focus on the core competencies and mindset needed to thrive in a role.
As an Equal Opportunity employer, Pegasystems will not discriminate in its employment practices due to an applicant's race, color, religion, sex, sexual orientation, gender identity, national origin, age, genetic information, veteran or disability status, or any other category protected by law.
Export Compliance
For positions requiring access to technical data subject to export control regulations such as this, Pegasystems may need to obtain export license approval from the U.S. Government and EU Authorities for certain individuals.
Accommodations
If you require reasonable accommodations under the Americans with Disabilities Act (US only) or comparable regional regulations in completing this application, interviewing, completing any pre-employment testing, or otherwise participating in the employee selection process,or contact (US only) 1-888-PEGA-NOW and/or 225 Wyman Street Waltham, MA 02451 ATTN: Benefits.
Ready to build a Blueprint?
Choose the reinvention engine for your needs.
For workflows & app design
Reimagine your processes and turn any workflow into a build-ready application with confidence.
For marketing & CX strategy design
Visualize customer journeys and engagement strategies across all touchpoints and activate them.
It is Pega's policy to engage, recruit, hire, promote, train, discipline, and compensate in all job classifications, without regard to race, color, sex, religion, national origin, age, disability, sexual orientation, gender identity, veteran status, or any other category protected by law.
- ...Cloud Security Engineer Location: Sterling, Virginia (On-site) Employment Type: 6 month contract-to-Hire Apply here: Please send a copy of your updated resume and relevant certification(s) to Sara at [email protected] Role Overview We are seeking...SuggestedContract workVisa sponsorship
- ...solutions, tested leadership, and trusted results to enable national security missions worldwide. Job Description This position is contingent upon award of contract SOSi is seeking a Cloud Security Engineer to support mission requirements for a structured approach to...SuggestedFull timeContract workRemote workWorldwide
- ...GuidePoint Security provides trusted cybersecurity expertise, solutions and services that... ...contractors. We are growing our federal presales engineering team and looking for technically... ...and knowledge of various on-premises, cloud-based, and hybrid resources to address security...SuggestedFor contractorsRemote workFlexible hours
- ...Title: Senior Cloud Security Engineer Location: Remote Note: Temp to hire. Pay Range: $70/hr. to $75/hr. on w2. About the Opportunity As a Senior Cloud Security Engineer, you will lead the design and delivery of cloud-focused security capabilities...SuggestedTemporary workRemote workShift work
- ...looking for a Mid-Level DevSecOps SME / Information System Security Engineer (ISSE) to join a collaborative, dynamic team in a fast-paced,... ...information systems design, containerized applications, and cloud architectures (AWS or GCP), and information security aspects...SuggestedFull timeFor contractors
$131k - $271.6k
...you? Constant learning, skill growth, great benefits, and a team that wants you to grow and succeed. SAP NS2 Senior Cloud Security Engineer-TS/SCI + poly Onsite - Chantilly, VA Active TS SCI with Polygraph Required NS2 COMPANY DESCRIPTION SAP is the global...Permanent employmentFull timeWorldwideFlexible hours$148.5k - $223.9k
...future of Salesforce. We are looking for a Senior Offensive Security Engineer (Red Team) with a strong, hands-on attacker mindset to... ...simulating real-world threat actors across applications, platforms, cloud infrastructure, and enterprise environments. Identify,...$81k - $155k
...up, everywhere & always. Want in? Join the #VTeamLife. What you’ll be doing... The GN&T Network Security team is looking for a highly motivated and experienced Engineer to join the Network Security Defense team. The Defense teams are responsible for owning the security...Full timeTemporary workPart timeWork experience placementWork at officeWork from homeFlexible hoursShift work3 days per week$119.32k - $202.85k
...The Work: ICF is seeking an experienced and driven Software Security Engineer to lead and oversee mission-critical initiatives in support of... ...). In this role, you will help safeguard applications and cloud-based systems by integrating security best practices throughout...Full timeContract workWork experience placementWork at officeImmediate startRemote work$120.5k - $231k
...everywhere & always. Want in? Join the #VTeamLife. What you'll be doing... The Verizon Network Security team is looking for a highly motivated and experienced Principal Engineer to join the Net-Sec Defense Organization under the Broadband Access team. You will be...Full timeTemporary workPart timeWork experience placementWork at officeWork from homeShift work3 days per week$133.14k - $247.26k
...days onsite) out of our DC or Silver Spring office.* The Cloud Security Architect (AWS) is a hands-on security leader with deep... ...(WBD) Cloud Security team, this role partners closely with engineering and product teams to embed security into cloud architectures...Temporary workWork at officeLocal area- ...Sr. Cloud Security Architect The Sr. Cloud Security Architect will act as a cloud security subject matter expert, responsible for designing... ...impact of security controls. Mentor junior security engineers and contribute to team development. Maintain documentation...
- ...Role : Cloud Security Architect Hands on Experience in Azure Security (Azure Bastion, Gateway/VNet Peering etc.,) Azure IAM and Identity Governance Experience Hands-on development experience on Azure Functions/DB's/Network management Experience with...
- ...Northstrat is seeking an experienced and driven Cloud/DevOps Engineer to join our dynamic team. The ideal candidate will have a minimum of... ...Lambda, KMS, workspaces, etc. ~ Required certification Security+ CE, SSCP, CCNA-Security, or GSEC ~ Must have an...Full timeContract workWork experience placementFlexible hoursWeekend workWeekday work
- ...Cloud Dev Ops Engineering & Ops Employment Type: Full-Time Minimum Experience: Experienced Clearance Requirement: The successful candidate must hold an Active TS/SCI security clearance for which the US Government Requires US Citizenship. Ready to Join Our Team...Full timeWork at officeFlexible hours
- ...mental health centers nationwide.Role SummaryThe Azure DevOps Engineer is a senior technical leader responsible for designing and evolving... ...and drives measurable improvements in deployment reliability, security, and operational maturity. The Tier 3 engineer mentors other...
$178.4k - $226.7k
...performing question-driven analysis is required. As a Senior Security Intelligence Engineer, you will help enhance our capabilities by identifying new... ...to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations,...Flexible hoursNight shiftWeekend work$135k - $216k
...working alongside leaders in aviation, engineering, data science, and systems integration.... ...Peraton is seeking a Information Systems Security Engineer (ISSE) to join our team of qualified... .... Familiarity with network security, cloud environments, and encryption...Contract workFor subcontractorShift work- ...F&A Technologies LLC (F&A) is seeking a skilled and motivated Information Systems Security Engineer (ISSE) to work hand-in-hand with our Development and Sustainment Teams in navigating Security policy/requirements that effectively deliver compliant and compelling technical...Work at officeFlexible hours
$111.8k - $221.8k
...Information Systems Security Engineer Herndon, VA At Accenture Federal Services, nothing matters more than helping the US federal government make the nation stronger and safer and life better for people. Our 13,000+ people are united in a shared purpose to pursue the...Contract workLocal area$159.3k - $202.4k
...experience performing question-driven analysis is required. As a Security Intelligence Engineer, you will help enhance our capabilities by identifying new... ...to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations,...InternshipFlexible hours- ...Overview VTG is seeking a highly skilled Information Systems Security Engineer (ISSE) to design, implement, and maintain security controls across enterprise systems and networks. This role ensures systems are compliant with security requirements while supporting mission...
- ...NO REMOTE WORK, MUST WORK ON SITE Job Description: As a security engineer on our team, you'll evaluate and support the documentation,... ...the current environment and knowledge of various on-premise, cloud-based, and hybrid resources to address security requirements....Remote work
- ...modernize their infrastructure and manage their data. TrueTandem is seeking experienced, skilled, and passionate Senior Cloud Security Engineers to support enterprise-wide cybersecurity modernization initiatives for large U.S. Federal government agencies. Ideal...
- ...serve. About the Role SteerBridge Strategies is seeking a Security Engineer to support a mission-critical Defense Aviation platform operating within AWS GovCloud. This role will focus on securing cloud infrastructure, implementing security controls, monitoring threats...
- ...will serve as a member of the Exostar Information Security Office and will report to the Manager of Governance & Engineering. This role is responsible for designing and... ...technical security controls across application, cloud, identity, and PKI environments. The successful...Work at officeFlexible hours
$86.8k - $198k
...testing tools and techniques to ensure security of computer systems, applications, servers... ...Computer Science, Information Systems, Engineering, or a related field Certified Ethical Hacker... ...Penetration Tester ( GPEN ) , or GIAC Cloud Penetration Tester Certification...Full timeContract workPart timeLocal areaRemote work$45k - $65k
Blu Omega LLC seeks a Junior Vulnerability Analyst to support the NIH cybersecurity operations center. This remote role is responsible for assessing and mitigating cybersecurity vulnerabilities in critical healthcare and federal systems. Candidates should demonstrate a...Remote work$87.1k - $157.45k
...Job Overview Department of Homeland Security (DHS), Customs and Border Protection (CBP)... ...facing websites, wireless, mobile/cellular, cloud, security devices, servers and... ...remediation recommendations. Partner with SOC, engineering, and security teams to validate and remediate...Local area$86.8k - $198k
...systems and networks, develops exploits, and engineers attack met hodologies. Applies advanced... ...adversarial tactics to conduct security testing 3+ years of experience performing... ...Assurance Penetration Tester ( GPEN ) , or GIAC Cloud Penetration Tester Certification...Full timeContract workPart timeLocal areaRemote work
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Cloud Security Engineer. Be the first to apply!
- senior principal cloud computing engineer Sterling, VA
- cloud architect Sterling, VA
- aws cloud infrastructure engineer Sterling, VA
- senior aws cloud engineer Sterling, VA
- cloud network engineer Sterling, VA
- cloud engineer Sterling, VA
- informatica cloud developer Sterling, VA
- aws cloud security engineer Sterling, VA
- cloud developer Sterling, VA
- senior cloud security engineer Sterling, VA

