Sign up to access all features of our service.
  • Job search
  • Favorites
  • Create a CV
    New
  • Salaries
  • Subscriptions

Cloud Security Engineer

$86.7k - $129.6k

Pegasystems

Cloud Security Engineer

Job Category: Engineering & Cloud

Location: US - Virginia - Dulles

Meet Our Team:

This team is part of Pega’s Cloud Cybersecurity organization within the Cloud Cybersecurity Operations tribe. We help build and operate the security controls, automation, and response capabilities that protect Pega's cloud environments, including FedRAMP-regulated government infrastructure, commercial AWS, and multi-cloud platforms. We work across IAM, vulnerability management, compliance automation, SOAR response actions, and AI-driven security tooling. Engineers on this team own their domains end-to-end: design, build, operate, and iterate.

Due to the nature of the role's work with FedRamp, US Citizenship is required

Picture Yourself at Pega:

You'll be a part owner of Pega's FedRamp/cloud environment, responsible for both day-to-day operational security and sprint-based feature delivery. You'll work alongside peers delivering AI-driven remediation pipelines, identity automation, and cloud security tooling, and are expected to contribute to that innovation work alongside your responsibilities.

This is an engineering role. You write code, build automation, operate regulated infrastructure, and ship features, not just process tickets.

What You'll Do at Pega:

Access Governance & Identity Operations (30%)

  • Own Okta administration for PCFG and Commercial environments: MFA resets, account provisioning, Okta Verify troubleshooting, policy enforcement

  • Manage IAM roles, permission boundaries, deployment entitlements, and access reviews across PCFG accounts (CloudOps, Jenkins, deployment pipelines)

  • Build and maintain entitlement automation workflows for joiner/mover/leaver processes

  • Support SailPoint quarterly certifications and access request workflows; contribute to AI-assisted certification automation

Vulnerability Scanning & Remediation (25%)

  • Operate Nessus/Tenable and Netsparker scanning across PCFG RnD and PCFG Prod

  • Respond to audit scan requests (UKCE, SOC, FedRAMP assessors) with findings and evidence

  • Track and ensure zero high-severity findings outstanding beyond 30 days

Compliance Patching & BAU (25%)

  • Execute FedRAMP Control Plane patching cycle every sprint — mandatory compliance obligation, non-negotiable

  • Execute PCFG RnD OS automated patching and validate Commercial environment patches (SailPoint, PingCastle)

  • Maintain patch compliance metrics; escalate blockers before sprint close

  • Contribute to SSM Patch Manager automation to reduce manual patching overhead over time

Cloud Infrastructure & Automation Engineering (20%)

  • Build infrastructure automation: Control Tower account provisioning, PCFG account lifecycle, CloudFormation role deployment

  • Develop SSM Patch Manager alerting and role infrastructure

  • Respond to ad-hoc infrastructure requests: IAM policy changes, Global Accelerator, Lambda roles, Bedrock model enablement

  • Contribute to team-wide AI-driven remediation features — SOAR response actions, AWS Config automation, and AI intake tooling

What You've Accomplished:

  • 3+ years in cloud security engineering or a closely adjacent role; hands-on with AWS (IAM, CloudFormation, SSM, Inspector, Config, GuardDuty)

  • Experience operating in a FedRAMP or similarly regulated environment, you understand what compliance-driven delivery looks like

  • Proficient with identity platforms: Okta administration, SailPoint or equivalent IGA tooling

  • Comfortable writing automation: Python, shell, CloudFormation/Terraform, you don't wait for someone else to build the script

  • Familiar with vulnerability scanning tools (Nessus/Tenable, Netsparker, or AWS Inspector)

  • You operate well in a team that splits time between BAU obligations and feature delivery, context-switching is part of the job

  • Exposure to SOAR platforms (Chronicle SecOps, Siemplify, or similar) is a plus

  • Experience with GitHub-based CI/CD pipelines,you're comfortable with PR-gated workflows, GitHub Actions, and treating infrastructure and security content as code that gets reviewed before it ships

  • You use AI tools (Copilot, ChatGPT, or similar) as part of how you build, scaffolding automation, generating test cases, accelerating repetitive engineering work and you know how to validate what comes out

Pega Offers You:

  • Gartner Analyst acclaimed technology leadership across our categories of products

  • Continuous learning and development opportunities

  • An innovative, inclusive, agile, flexible, and fun work environment

  • Competitive global benefits program inclusive of pay + bonus incentive, employee equity in the company(#LI-KH2)

Additional Information

Base salary range for this role is 86,700 - 129,600 USD annually. This role may also be eligible for annual bonus OR commission, as well as benefits and other incentives.

The final compensation will be determined during the offer process based on the candidate's education, experience, skills, and qualifications, as well as market conditions and may vary from the posted range. We will share an information on benefits, bonus/commission, and other pay components for this role at the relevant recruitment stage.

Job ID: 23853

AI in Action – Responsible Use of AI in Recruitment

Pega embraces the responsible use of artificial intelligence (AI) to improve efficiency, consistency, and fairness across our business. We encourage thoughtful and ethical adoption of AI technologies that support people—not replace them. We may use AI‑enabled tools in our recruitment process. These tools are designed to assist us by providing insights and operational support.

All hiring decisions are made based on human review and judgment. You may have the right to request human review, provide additional information, or raise questions about how such tools are used.

Culture

At Pegasystems, we foster an environment where people feel valued and empowered to contribute their best. With global clients across industries and regions, we know our success depends on the unique perspectives, experiences, and talents of our people. Ours is a workplace where everyone can grow, collaborate, and deliver meaningful outcomes.

We encourage candidates from all backgrounds and experiences and focus on the core competencies and mindset needed to thrive in a role.

As an Equal Opportunity employer, Pegasystems will not discriminate in its employment practices due to an applicant's race, color, religion, sex, sexual orientation, gender identity, national origin, age, genetic information, veteran or disability status, or any other category protected by law.

Export Compliance

For positions requiring access to technical data subject to export control regulations such as this, Pegasystems may need to obtain export license approval from the U.S. Government and EU Authorities for certain individuals.

Accommodations

If you require reasonable accommodations under the Americans with Disabilities Act (US only) or comparable regional regulations in completing this application, interviewing, completing any pre-employment testing, or otherwise participating in the employee selection process,or contact (US only) 1-888-PEGA-NOW and/or 225 Wyman Street Waltham, MA 02451 ATTN: Benefits.

Ready to build a Blueprint?

Choose the reinvention engine for your needs.

For workflows & app design

Reimagine your processes and turn any workflow into a build-ready application with confidence.

For marketing & CX strategy design

Visualize customer journeys and engagement strategies across all touchpoints and activate them.

It is Pega's policy to engage, recruit, hire, promote, train, discipline, and compensate in all job classifications, without regard to race, color, sex, religion, national origin, age, disability, sexual orientation, gender identity, veteran status, or any other category protected by law.

Vacancy posted 8 hours ago
Similar jobs that could be interesting for youBased on the Cloud Security Engineer in Sterling, VA vacancy
  •  ...Cloud Security Engineer Location: Sterling, Virginia (On-site) Employment Type: 6 month contract-to-Hire Apply here: Please send a copy of your updated resume and relevant certification(s) to Sara at [email protected] Role Overview We are seeking... 
    Suggested
    Contract work
    Visa sponsorship

    Apex Systems

    Sterling, VA
    1 day ago
  •  ...solutions, tested leadership, and trusted results to enable national security missions worldwide. Job Description This position is contingent upon award of contract SOSi is seeking a Cloud Security Engineer to support mission requirements for a structured approach to... 
    Suggested
    Full time
    Contract work
    Remote work
    Worldwide

    SOS International LLC

    Reston, VA
    4 days ago
  •  ...GuidePoint Security provides trusted cybersecurity expertise, solutions and services that...  ...contractors. We are growing our federal presales engineering team and looking for technically...  ...and knowledge of various on-premises, cloud-based, and hybrid resources to address security... 
    Suggested
    For contractors
    Remote work
    Flexible hours

    GuidePoint Security

    Reston, VA
    3 days ago
  •  ...Title: Senior Cloud Security Engineer Location: Remote Note: Temp to hire. Pay Range: $70/hr. to $75/hr. on w2. About the Opportunity As a Senior Cloud Security Engineer, you will lead the design and delivery of cloud-focused security capabilities... 
    Suggested
    Temporary work
    Remote work
    Shift work

    LanceSoft

    Reston, VA
    4 days ago
  •  ...looking for a Mid-Level DevSecOps SME / Information System Security Engineer (ISSE) to join a collaborative, dynamic team in a fast-paced,...  ...information systems design, containerized applications, and cloud architectures (AWS or GCP), and information security aspects... 
    Suggested
    Full time
    For contractors

    Dark Wolf Solutions

    Herndon, VA
    23 days ago
  • $131k - $271.6k

     ...you? Constant learning, skill growth, great benefits, and a team that wants you to grow and succeed.    SAP NS2 Senior Cloud Security Engineer-TS/SCI + poly Onsite - Chantilly, VA  Active TS SCI with Polygraph Required  NS2 COMPANY DESCRIPTION SAP is the global... 
    Permanent employment
    Full time
    Worldwide
    Flexible hours

    SAP

    Herndon, VA
    1 day ago
  • $148.5k - $223.9k

     ...future of Salesforce. We are looking for a Senior Offensive Security Engineer (Red Team) with a strong, hands-on attacker mindset to...  ...simulating real-world threat actors across applications, platforms, cloud infrastructure, and enterprise environments. Identify,... 

    Salesforce.Com Inc

    Herndon, VA
    2 days ago
  • $81k - $155k

     ...up, everywhere & always. Want in? Join the #VTeamLife. What you’ll be doing... The GN&T Network Security team is looking for a highly motivated and experienced Engineer to join the Network Security Defense team. The Defense teams are responsible for owning the security... 
    Full time
    Temporary work
    Part time
    Work experience placement
    Work at office
    Work from home
    Flexible hours
    Shift work
    3 days per week

    Verizon

    Ashburn, VA
    2 days ago
  • $119.32k - $202.85k

     ...The Work: ICF is seeking an experienced and driven Software Security Engineer to lead and oversee mission-critical initiatives in support of...  ...). In this role, you will help safeguard applications and cloud-based systems by integrating security best practices throughout... 
    Full time
    Contract work
    Work experience placement
    Work at office
    Immediate start
    Remote work

    ICF International Inc

    Reston, VA
    4 days ago
  • $120.5k - $231k

     ...everywhere & always. Want in? Join the #VTeamLife. What you'll be doing... The Verizon Network Security team is looking for a highly motivated and experienced Principal Engineer to join the Net-Sec Defense Organization under the Broadband Access team. You will be... 
    Full time
    Temporary work
    Part time
    Work experience placement
    Work at office
    Work from home
    Shift work
    3 days per week

    Verizon

    Ashburn, VA
    4 days ago
  • $133.14k - $247.26k

     ...days onsite) out of our DC or Silver Spring office.* The Cloud Security Architect (AWS) is a hands-on security leader with deep...  ...(WBD) Cloud Security team, this role partners closely with engineering and product teams to embed security into cloud architectures... 
    Temporary work
    Work at office
    Local area

    Warner Bros. Discovery

    Sterling, VA
    3 days ago
  •  ...Sr. Cloud Security Architect The Sr. Cloud Security Architect will act as a cloud security subject matter expert, responsible for designing...  ...impact of security controls. Mentor junior security engineers and contribute to team development. Maintain documentation... 

    Cynet Systems

    Sterling, VA
    4 days ago
  •  ...Role : Cloud Security Architect Hands on Experience in Azure Security (Azure Bastion, Gateway/VNet Peering etc.,) Azure IAM and Identity Governance Experience Hands-on development experience on Azure Functions/DB's/Network management Experience with... 

    Futran Tech Solutions Pvt. Ltd.

    Sterling, VA
    4 days ago
  •  ...Northstrat is seeking an experienced and driven Cloud/DevOps Engineer to join our dynamic team. The ideal candidate will have a minimum of...  ...Lambda, KMS, workspaces, etc. ~ Required certification Security+ CE, SSCP, CCNA-Security, or GSEC ~ Must have an... 
    Full time
    Contract work
    Work experience placement
    Flexible hours
    Weekend work
    Weekday work

    Northstrat

    Herndon, VA
    4 days ago
  •  ...Cloud Dev Ops Engineering & Ops Employment Type: Full-Time Minimum Experience: Experienced Clearance Requirement: The successful candidate must hold an Active TS/SCI security clearance for which the US Government Requires US Citizenship. Ready to Join Our Team... 
    Full time
    Work at office
    Flexible hours

    1872 Consulting

    Herndon, VA
    2 days ago
  •  ...mental health centers nationwide.Role SummaryThe Azure DevOps Engineer is a senior technical leader responsible for designing and evolving...  ...and drives measurable improvements in deployment reliability, security, and operational maturity. The Tier 3 engineer mentors other... 

    Centurion Health

    Sterling, VA
    1 day ago
  • $178.4k - $226.7k

     ...performing question-driven analysis is required. As a Senior Security Intelligence Engineer, you will help enhance our capabilities by identifying new...  ...to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations,... 
    Flexible hours
    Night shift
    Weekend work

    Amazon

    Herndon, VA
    2 days ago
  • $135k - $216k

     ...working alongside leaders in aviation, engineering, data science, and systems integration....  ...Peraton is seeking a Information Systems Security Engineer (ISSE) to join our team of qualified...  .... Familiarity with network security, cloud environments, and encryption... 
    Contract work
    For subcontractor
    Shift work

    Peraton

    Herndon, VA
    1 day ago
  •  ...F&A Technologies LLC (F&A) is seeking a skilled and motivated Information Systems Security Engineer (ISSE) to work hand-in-hand with our Development and Sustainment Teams in navigating Security policy/requirements that effectively deliver compliant and compelling technical... 
    Work at office
    Flexible hours

    F&A Technologies LLC

    Herndon, VA
    2 days ago
  • $111.8k - $221.8k

     ...Information Systems Security Engineer Herndon, VA At Accenture Federal Services, nothing matters more than helping the US federal government make the nation stronger and safer and life better for people. Our 13,000+ people are united in a shared purpose to pursue the... 
    Contract work
    Local area

    Accenture Federal Services

    Herndon, VA
    2 days ago
  • $159.3k - $202.4k

     ...experience performing question-driven analysis is required. As a Security Intelligence Engineer, you will help enhance our capabilities by identifying new...  ...to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations,... 
    Internship
    Flexible hours

    Amazon

    Herndon, VA
    2 days ago
  •  ...Overview VTG is seeking a highly skilled Information Systems Security Engineer (ISSE) to design, implement, and maintain security controls across enterprise systems and networks. This role ensures systems are compliant with security requirements while supporting mission... 

    VTG Defense

    Herndon, VA
    2 days ago
  •  ...NO REMOTE WORK, MUST WORK ON SITE Job Description: As a security engineer on our team, you'll evaluate and support the documentation,...  ...the current environment and knowledge of various on-premise, cloud-based, and hybrid resources to address security requirements.... 
    Remote work

    DAN Solutions

    Reston, VA
    7 days ago
  •  ...modernize their infrastructure and manage their data.   TrueTandem is seeking experienced, skilled, and passionate Senior Cloud Security Engineers to support enterprise-wide cybersecurity modernization initiatives for large U.S. Federal government agencies. Ideal... 

    True Tandem

    Reston, VA
    16 days ago
  •  ...serve. About the Role SteerBridge Strategies is seeking a Security Engineer to support a mission-critical Defense Aviation platform operating within AWS GovCloud. This role will focus on securing cloud infrastructure, implementing security controls, monitoring threats... 

    SteerBridge

    Vienna, VA
    27 days ago
  •  ...will serve as a member of the Exostar Information Security Office and will report to the Manager of Governance & Engineering. This role is responsible for designing and...  ...technical security controls across application, cloud, identity, and PKI environments. The successful... 
    Work at office
    Flexible hours

    Exostar

    Herndon, VA
    2 days ago
  • $86.8k - $198k

     ...testing tools and techniques to ensure security of computer systems, applications, servers...  ...Computer Science, Information Systems, Engineering, or a related field Certified Ethical Hacker...  ...Penetration Tester ( GPEN ) , or GIAC Cloud Penetration Tester Certification... 
    Full time
    Contract work
    Part time
    Local area
    Remote work

    Dormont Manufacturing Company

    Herndon, VA
    4 days ago
  • $45k - $65k

    Blu Omega LLC seeks a Junior Vulnerability Analyst to support the NIH cybersecurity operations center. This remote role is responsible for assessing and mitigating cybersecurity vulnerabilities in critical healthcare and federal systems. Candidates should demonstrate a...
    Remote work

    Blu Omega LLC

    Ashburn, VA
    3 days ago
  • $87.1k - $157.45k

     ...Job Overview Department of Homeland Security (DHS), Customs and Border Protection (CBP)...  ...facing websites, wireless, mobile/cellular, cloud, security devices, servers and...  ...remediation recommendations. Partner with SOC, engineering, and security teams to validate and remediate... 
    Local area

    Koitecc Solutions

    Ashburn, VA
    1 day ago
  • $86.8k - $198k

     ...systems and networks, develops exploits, and engineers attack met hodologies. Applies advanced...  ...adversarial tactics to conduct security testing 3+ years of experience performing...  ...Assurance Penetration Tester ( GPEN ) , or GIAC Cloud Penetration Tester Certification... 
    Full time
    Contract work
    Part time
    Local area
    Remote work

    Booz Allen Hamilton

    Herndon, VA
    20 hours ago

Do you want to receive more vacancies?

Subscribe and receive similar vacancies to Cloud Security Engineer. Be the first to apply!