Senior Cloud Security Operations Analyst in England

Meet Our Team

Pega is the Enterprise Transformation Company that helps organizations build for change with enterprise AI decisioning and workflow automation. We offer a commercial SaaS version of our industry‑leading platform to our global clients. On the frontlines of this success is the Pega Cloud Security Operations Center (CSOC). Our team of information security professionals protects Pega’s commercial cloud assets and offerings by deterring, detecting, denying, delaying, and defending against internal and external security threats. The CSOC provides monitoring, detection, and incident‑response services for Pega Cloud.

Picture Yourself at Pega

As a Senior Cloud Security Operations Analyst, you will play a critical role in ensuring the confidentiality, integrity, and availability of Pega’s commercial cloud infrastructure and assets. You will be key to the continuous monitoring and protection of all global cloud security operations at Pega and an active participant in incident‑response efforts. You’ll help develop processes that drive proactive, automated detection and incident‑response tactics to support the quick resolution of cloud security events and incidents.

What You’ll Do Daily:

• Perform security monitoring of Pega Cloud commercial environments using multiple security tools and dashboards, including the SIEM platform.
• Perform security investigations to identify indicators of compromise (IOCs) and better protect Pega Cloud and our clients from unauthorized or malicious activity.
• Actively contribute to incident‑response activities, identifying, containing, eradicating, recovering, and learning from incidents.
• Contribute to standard operating procedures (SOPs) and policy development for CSOC detection and analysis tools and methodologies.
• Assist in developing playbooks for analysts to investigate high‑confidence and anomalous activity.

Occasionally:

• Perform threat hunts for adversarial activities within Pega Cloud to identify evidence of attacker presence that may have been missed by existing detection mechanisms.
• Assist the threat‑detection team in developing high‑confidence Splunk notables based on hypotheses derived from the Pega threat landscape.
• Assist in developing dashboards, reports, and other non‑alert‑based content to maintain and improve situational awareness of Pega Cloud’s security posture.
• Assist in enhancing security incident‑response plans (IRPs), conducting thorough investigations, and recommending remediation measures to prevent future incidents.

Who You Are

You have an insatiable curiosity and tenacity for finding creative ways to deter, detect, deny, delay, and defend against bad actors. You have experience in the “security trenches” and understand what an efficient security operations center looks like. You have conducted in‑depth analyses of security events and alerts, contributed to incident‑response efforts, and developed methods for detecting and mitigating threats. You bring a wealth of cloud security experience and are ready to dive into cloud‑centric technical analysis and incident response to make Pega Cloud the most secure it can be.

What You’ve Accomplished

• 4+ years of industry‑relevant experience with cloud architecture, infrastructure, and resources, including associated services, threats, and mitigations.
• 3+ years in operational SIEM roles focused on analysis, investigations, and incident response, particularly with Splunk Enterprise Security (ES) and Google Chronicle/SecOps.
• 3+ years of operational experience with EDR/XDR platforms and related analysis and response techniques.
• 2+ years of operational cloud security experience—preferably AWS and/or GCP—including knowledge of cloud logs such as CloudTrail, Cloud Audit, GuardDuty, Security Command Center, VPCFlow, and WAF logs.
• Strong working understanding of UK cybersecurity and data protection laws and regulations (e.g., GDPR, UKCE).
• Solid foundational knowledge of computer, OS (Linux/Windows), and network architecture concepts, and related exploits/attacks.
• Excellent verbal and written communication skills, with poise in high‑pressure situations.
• Demonstrated teamwork and the ability to foster a healthy, productive team culture.

It Would Be Nice if You Also Have

• Solid working knowledge of MITRE ATT&CK framework and the ability to map detections against it, especially the cloud matrix.
• Familiarity with the OWASP Top 10 vulnerabilities and best practices for mitigating these risks.
• Experience developing SOPs, incident‑response plans, runbooks/playbooks, and security operations policies.
• Experience with Python, Linux shell/bash, or PowerShell scripting.

Pega Offers You

• A robust global benefits program with competitive pay, a bonus incentive, and employee equity.
• An innovative, inclusive, agile, flexible, and engaging work environment with opportunities to learn and grow.
• Access to cutting‑edge technologies and training resources for continuous learning and growth.
• Focus on collaboration, innovation, and work‑life balance with team‑building activities and open discussions during daily/weekly meetings.
• Flexibility to work remotely when needed.
• Recognition as a Gartner Analyst‑acclaimed technology leader across product categories.

Equal Opportunity Employment

Pega is an equal opportunity employer and does not discriminate on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, age, genetic information, veteran or disability status, or any other protected characteristic.