Senior Cloud Security Operations Analyst (6+ Years) Bengaluru
Full-Time @Pega (Pegasystems) posted 21 hours ago
Job ID 63445
Job Description
Senior Cloud Security Operations Analyst
Job Category: Engineering & Cloud
Location: Bangalore, Karnataka, India
About the Role
As a Senior Cloud Security Operations Analyst, you will play a critical role in protecting Pega Cloud commercial environments through advanced monitoring, investigation, threat detection, and incident response. You will work at the forefront of cloud security operations, leveraging multiple security tools and platforms to identify threats, respond to incidents, and continuously enhance Pega Cloud’s security posture. This role is ideal for a seasoned security professional with deep cloud, SIEM, and incident response experience, a passion for threat hunting, and a drive to build scalable, high-confidence detection and response capabilities.
What You’ll Do at Pega
- Perform continuous security monitoring of Pega Cloud environments using multiple tools and dashboards
- Conduct security investigations to identify indicators of compromise (IOCs) and malicious activity
- Actively participate in incident response, including identification, containment, eradication, and recovery
- Contribute to the creation and enhancement of SOPs, policies, playbooks, and response procedures
- Assist in improving security incident response plans and recommending preventive remediation measures
- Perform proactive threat hunting to identify adversarial activity not detected by existing controls
- Partner with threat detection teams to develop high-confidence SIEM detections, including Splunk notables
- Build and maintain dashboards, reports, and situational awareness content to improve security visibility
- Develop investigation playbooks for both high-confidence alerts and anomalous activity
- Continuously assess and enhance the overall security posture of Pega Cloud
Who You Are
You are a highly curious and tenacious security professional who thrives in cloud-centric security operations. You have hands-on experience in SOC environments and understand what it takes to build and operate an efficient, high-performing security operations center. You are analytical, proactive, and driven to detect, deter, and defend against evolving threats.
You bring:
- Deep experience in security event analysis, incident response, and threat detection
- A strong background in cloud security and adversary behavior
- The ability to remain calm and effective in high-pressure situations
- A collaborative mindset and commitment to building a strong security culture
What You’ve Accomplished
- 6+ years of industry-relevant experience in information security, with strong knowledge of cloud architecture, infrastructure, threats, and mitigations
- 4+ years in operational SIEM roles, focusing on analysis, investigations, and incident response
- 3+ years of hands-on cloud security experience, preferably in AWS and/or GCP
- 4+ years of experience working with EDR/XDR platforms and response techniques
- Hands-on incident response experience across: Linux and Windows hosts, AWS, GCP, and Kubernetes environments (EKS/GKE)
- Strong knowledge of the MITRE ATT&CK framework, especially the cloud matrix, and mapping detections to TTPs
- Familiarity with OWASP Top 10 vulnerabilities and mitigation best practices
- Solid understanding of computer systems, operating systems, networking concepts, and common exploits
- Experience creating SOPs, incident response plans, runbooks and playbooks, and security operations policies
- Bachelor’s degree in Cybersecurity, Computer Science, Data Science, or a related field
Preferred Certifications & Recognition
- SANS, Offensive Security, or other industry-recognized security certifications focused on detection, analysis, or incident response
- Industry recognition for identifying and closing security gaps in applications or platforms