Job Description
Meet Our Team:
Pega is The Enterprise Transformation Company that helps organizations Build for Change with enterprise AI decisioning and workflow automation. We offer a commercial SaaS version of our industry-leading platform to our global clients. Pega was recently recognized as one of the “ by industry analysts and just hit a huge milestone of joining the S&P MidCap 400. On the frontlines of this success is the Pega Cloud Security Operations Center (CSOC). Our team of information security professionals is charged to protect Pega’s commercial cloud assets and offerings. We accomplish this by creatively working to deter, detect, deny, delay, and defend against internal and external security threats. The CSOC provides monitoring, detection, and incident response services for Pega Cloud.
Picture Yourself at Pega:
Pega is The Enterprise Transformation Company that helps organizations Build for Change with enterprise AI decisioning and workflow automation. We offer a commercial SaaS version of our industry-leading platform to our global clients. Pega was recently recognized as one of the “Top 10 Tech Winners For The AI Revolution” by industry analysts and just hit a huge milestone of joining the S&P MidCap 400. On the frontlines of this success is the Pega Cloud Security Operations Center (CSOC). Our team of information security professionals is charged to protect Pega’s commercial cloud assets and offerings. We accomplish this by creatively working to deter, detect, deny, delay, and defend against internal and external security threats. The CSOC provides monitoring, detection, and incident response services for Pega Cloud.
What You'll Do at Pega:
Help design and implement Pega’s cloud-native SIEM solution (Google Chronicle/SecOps)Manage and maintain the Chronicle/SecOps SIEM platform, ensuring its effective operation and integration with other security and automation toolsDevelop dashboards, reports, and other non-alert based content to maintain and improve situational awareness of Pega Cloud’s security postureAssist in the development of SOAR playbooks for use by analysts to enrich, investigate, and respond to security alerts and detectionsAssist the threat detection team in developing and maintaining security monitoring and alerting rules based on use cases for known and emerging threats and hypotheses derived from the Pega threat landscapeCollaborate with cross-functional teams to assist data ingestion/parsing efforts & ensure best security practices are followedContribute to standard operating procedure (SOP) and policy development for CSOC detection and analysis tools and methodologiesParticipate regular security assessments and audits to identify and mitigate risksProvide technical guidance and mentorship to junior team membersWho You Are:
You have an insatiable curiosity and a relentless drive to engineer smarter, faster, and more scalable ways to detect, investigate, and respond to threats in the cloud. You've architected and fine-tuned detection pipelines, enriched telemetry sources, and built resilient integrations that empower security teams to act with speed and precision. You bring deep expertise in cloud-native platforms—especially AWS, GCP, and Chronicle/SecOps—and are ready to apply that knowledge to elevate Pega Cloud’s detection and response capabilities.
You have a proven track record in the security engineering space. Your accomplishments include:
Earning top-tier technical certifications such as AWS Certified Solutions Architect, Google Cloud Professional Security Engineer, or Splunk Certified Architect.Recognition for designing and deploying innovative SIEM solutions that close visibility gaps and enhance detection coverage across complex cloud environments.What You've Accomplished:
Your background and competencies include:
5+ years of experience in SIEM engineering and administration1-2 years of current, operational experience with Google Chronicle/SecOps, including implementation, management, and optimization3+ years of operational experience working with YARA-L, Grok, and YAML languagesExperience with Splunk Enterprise Security (ES), including writing SPL and building correlation searches, lookup files, and other knowledge objectsOperational experience working with SOAR technologies and creating automation integrations and playbooksStrong experience with cloud architecture, infrastructure, and resources (AWS & GCP), along with the associated services, threats, and mitigations – including knowledge and analysis of various cloud logs such as CloudTrail, Cloud Audit, GuardDuty, Security Command Center, CloudWatch, Cloud Ops, Trusted Advisor, Recommender, VPCFlow, and WAF logsOperational experience with EDR/XDR platforms, related logs, and integrationsSolid working knowledge of MITRE ATT&CK framework, the associated TTP's and how to map detections against them, particularly the cloud matrix portionA solid foundational understanding of computer, OS (Linux/Windows), and network architecture concepts, and various related exploits/attacksProficiency in scripting languages such as Python, PowerShell, or BashStrong understanding of security best practices and frameworks (e.g., NIST, ISO 27001).Experience developing standard operating procedures (SOPs), runbooks/playbooks for repeated actions, and security operations policies – with an aim to maximize our tools’ potential with automation whenever possibleFamiliarity with threat intelligence platforms and frameworksStrong analytical skills and ability to interpret complex data setsA demonstrated ability to work in a team environment and foster a healthy, productive team culture:Proactive communicator with both verbal and written communicationProcess oriented with the ability to extract key action items from situations and convert them into repeatable processes for others to emulateVision on long-term mechanisms as opposed to heroic efforts and/or tribal knowledgePega Offers You:
Gartner Analyst acclaimed technology leadership across our categories of productsContinuous learning and development opportunitiesAn innovative, inclusive, agile, flexible, and fun work environmentCompetitive global benefits program inclusive of pay + bonus incentive, employee equity in the company #LI-SK1
Apply for this Position
Ready to join ? Click the button below to submit your application.
Submit Application