Principal Threat Detection Engineer

Job in Waltham, Middlesex County, Massachusetts, 02254, USA
Listing for: Pegasystems
Full Time position
Listed on 2026-02-28
Job specializations:
  • IT/Tech
    Cybersecurity, Security Manager
Salary/Wage Range or Industry Benchmark: 100000 - 125000 USD Yearly
Job Description & How to Apply Below

Pega is The Enterprise Transformation Company that helps organizations Build for Change with enterprise AI decisioning and workflow automation. We offer a commercial SaaS version of our industry-leading platform to our global clients. Pega was recently recognized as one of the “Top 10 Tech Winners For The AI Revolution” by industry analysts and just hit a huge milestone of joining the S&P Mid Cap 400.

On the front lines of this success is the Pega Cloud Security Operations Center (CSOC). Our team of information security professionals is charged to protect Pega’s commercial cloud assets and offerings. We accomplish this by creatively working to deter, detect, deny, delay, and defend against internal and external security threats. The CSOC provides monitoring, detection, and incident response services for Pega Cloud.

Picture Yourself at Pega:

As a Principal Detection Engineer, you will be responsible for designing and delivering high‑quality, high‑confidence security detections that safeguard Pega Cloud. You will work closely with threat hunters, DFIR analysts, cloud engineers, and platform teams to stay ahead of adversaries — not just responding to threats but anticipating them. Your focus will be on building, tuning, refining, and optimizing detection content, and contributing directly to our threat hunting program.

You will help convert threat hunt findings, incident learnings, and intelligence insights into actionable detections, dashboards, and playbooks. This is a hands‑on technical role for someone who loves deep threat understanding, automation, and data‑driven detection engineering.

What You'll Do at Pega:

Detection Engineering

  • Build reliable detections for AWS, GCP, Kubernetes, Linux, and SaaS platforms.
  • Turn threat insights into actionable detection logic.
  • Create detection content and dashboards on attacker behavior, anomalies, and cloud threats.
  • Transform hunt outputs into scalable detections, SOPs, and automation.
  • Use SIEM tools (Chronicle/Sec Ops preferred; Splunk helpful) for log ingestion, correlation, and alerts.

Tuning & Content Optimization

  • Continuously tune, refine, and improve existing alerts based on feedback from DFIR and Security Engineering.
  • Enhance visibility and detection coverage across cloud platforms by identifying telemetry gaps.
  • Validate detections against real‑world attacker TTPs and red‑team behaviors based on MITRE ATT&CK Framework.
  • Engage in both structured, hypothesis‑driven and exploratory threat hunting activities on a regular basis.
  • Assess and address gaps, identify recurring patterns, and evaluate opportunities to develop new detection methods and automate processes.
  • Collaborate with Cloud and Security Engineering teams to ensure comprehensive logging is implemented to support detection and investigation efforts.
  • Provide mentorship to analysts on developing detection logic, applying threat methodologies, and utilizing advanced query techniques.

SME Responsibilities

  • Act as a subject matter expert specializing in detection engineering and cloud attacker activity.
  • Offer advice on SIEM query languages, including effective methods to create robust and scalable detection content.
  • Assist with documentation related to detection logic, content lifecycle management, and standard operating procedures (SOPs).

Who You Are:

Analytical cybersecurity professional skilled in cloud threats, attacker behavior analysis, data exploration, and scalable detection strategy design.

  • Analytical and persistent cybersecurity professional with expertise in cloud threats, attacker tactics, and scalable detection strategies.
  • Experienced in AWS/GCP detection building
  • Knowledgeable in MITRE ATT&CK, NIST, D3FEND, CIS
  • Skilled with Kubernetes/EKS/GKE, Linux, cloud security tools
  • Strong in OS internals, networking, log analysis, and detection logic
  • Able to collaborate across SOC, engineering, and architecture teams

What You've Accomplished:

  • 9+ years in cybersecurity with a strong focus on SOC operations, detection engineering, or threat hunting
  • Built scalable, cloud‑native detections across AWS, GCP,…