Pega is transforming software development by offering innovative solutions to major global organizations and renowned brands. We enable rapid transformation from problems to effective solutions, meeting the high expectations of businesses worldwide that depend on Pega for business and customer experience enhancement. As a DevSecOps Specialist for Pega Infinity and Launchpad, you'll become a subject matter expert in their design and architecture. We're looking for a seasoned DevSecOps Engineer skilled in integrating security throughout the development lifecycle. At Pega Systems, you'll play a key role in advancing our security practices by designing robust frameworks, automating security practices, and fostering a security-first culture. You'll join a team of dedicated and spirited individuals committed to building a world-class low-code product. We embrace a "work hard, play hard" ethos, driven by passion and ownership to achieve meaningful results. If you're eager to contribute to cutting-edge projects and enhance our security posture, join us in a forward-thinking organization that values continuous improvement and professional growth.
Picture Yourself at Pega:As a Senior DevSecOps Engineer at Pega, you will be one of the key members of the integration of security practices into the DevOps lifecycle, ensuring that security is a core component of software development and deployment. You will design and implement automated security testing tools and processes within CI/CD pipelines, enhancing security coverage and efficiency
What You'll Do at Pega: Learn the Pega platform to ensure its security posture remains intact.Integrate security practices into the DevOps pipeline, embedding security throughout development and deployment.Understand Pega products and incorporate security best practices at every level.Design and implement automated security testing tools and processes within CI/CD pipelines to enhance efficiency and coverage.Conduct risk assessments and threat modeling to identify vulnerabilities and propose balanced mitigation strategies.Collaborate with incident response teams to quickly identify, contain, and remediate security incidents, and conduct post-incident analyses.Work closely with cross-functional teams to promote a security-first mindset across the organization.Have a good understanding of tools like Veracode, JFrog Xray, Trivy, ReveneraGood expertise in understanding of security testing methodologies, such as SAST, DAST, and penetration testing – along with good proficiency with tools like OWASP ZAP, Burp Suite, or Fortify is highly recommended.Stay current with emerging security trends and technologies to drive continuous improvement in the organization’s security posture.Mentor junior team members and guide them in solving issues.Collaborate with stakeholders such as the support team and release management.Create and curate knowledge base articles to improve documentation.Who You Are:You are a seasoned DevSecOps professional with expertise in integrating security throughout the DevOps lifecycle and automating testing frameworks. Proficient in any of the programming languages like Python, Java, or Go, and tools such as Jenkins, Docker, and Kubernetes, you excel in technical problem-solving and collaboration with cross-functional teams. A continuous learner, you stay updated on security trends and thrive in dynamic environments, always enhancing security practices. As a proactive and adaptable team player, you embrace feedback, engage in retrospection, and are driven by measurable results and self-improvement.
What You've Accomplished: 4-6 years of successfully embedding security into DevOps processes, automated testing frameworks, and led initiatives to enhance the organization's security posture, demonstrating expertise in risk assessment, vulnerability management, and cross-functional collaboration.CI/CD Tools: Proficient in Jenkins, GitLab CI/CD, Travis CI, or CircleCI (Any 2 CI/CD tools) for integrating security into automated pipelines, ensuring security is central to development and deployment.Security Testing Tools: Expertise in SAST tools like SonarQube or Fortify and DAST tools such as OWASP ZAP or Burp Suite. Vulnerability Management: Familiar with Nessus, Qualys, or OpenVAS for vulnerability assessments and remediation.Automation and Programming: Developed automated security testing frameworks, reducing deployment time and enhancing security. Skilled in languages like Python, Java, or Go, and scripting with Bash or PowerShell.Security Standards: Understanding of frameworks like NIST, ISO 27001, and compliance with GDPR.Risk and Threat Management: Conducts risk assessments and threat modeling to identify and mitigate risks.Collaboration and Communication: Excellent at working with cross-functional teams and communicating complex security concepts to various stakeholders.Problem Solving: Strong analytical skills to identify vulnerabilities and devise effective solutions.Continuous Improvement: Committed to staying updated on security trends and applying new knowledge to enhance practices.Additional Skills: Knowledge of Agile/Scrum methodologies and Security certifications like CISSP, CISM, CEH, or OSCP are beneficial.Good to have skills – Have a basic understanding of tools like Veracode, JFrog Xray, Trivy, Revenera would be an added advantage.Pega Offers You: A rapidly growing yet well-established businessThe world’s most innovative organizations as reference-able clientsGartner Analyst acclaimed technology leadership across our categories of productsContinuous learning and development opportunitiesAn innovative, inclusive, agile, flexible, and fun work environmentCompetitive global benefits program inclusive of pay + bonus incentiveEmployee equity in the company#Li-CK Job ID: 21436
Inclusion and Diversity – Inclusive is one of our values at Pega. Pegasystems is committed to inclusion and diversity and strives to foster a fair and inclusive environment for all. We believe Pega can achieve more when we create a culture that inspires each of us to fully contribute each and every day. We encourage diverse thinking and collaboration for better outcomes for all. Learn more about our inclusive culture.
We encourage candidates of all backgrounds and skillsets to consider opportunities at Pega. At Pega, we focus on the skills needed to be successful and we know that our employees can thrive even if they don't possess a traditional background. If you like the sound of this role, but are not sure if you are the right person, please consider applying. We would love to hear from you!
As an Equal Opportunity and Affirmative Action employer, Pegasystems will not discriminate in its employment practices due to an applicant's race, color, religion, sex, sexual orientation, gender identity, national origin, age, genetic information, veteran or disability status, or any other category protected by law.
Export Compliance – For positions requiring access to technical data subject to export control regulations such as this, Pegasystems may need to obtain export license approval from the U.S. Government and EU Authorities for certain individuals.
Accommodations – If you require reasonable accommodations under the Americans with Disabilities Act (US only) or comparable regional regulations in completing this application, interviewing, completing any pre-employment testing, or otherwise participating in the employee selection process, please contact us here or contact (US only) 1-888-PEGA-NOW and/or 225 Wyman Street Waltham, MA 02451 ATTN: Benefits.
Labor Condition Applications
GDPR Candidate Privacy Notice
Pegasystems Limited UK Gender Pay Gap Statement
EEO/AA Policy Statement
Know Your Rights: Workplace Discrimination is Illegal
Pay Transparency Policy Statement
Your Employee Rights Under the Family and Medical Leave Act
E-Verify Notice
Employee Polygraph Protection Act Rights
Already have an account? Log in.
First Name Last Name Phone Email City Select country of residence (required)AfghanistanÅland IslandsAlbaniaAlgeriaAmerican SamoaAndorraAngolaAnguillaAntarcticaAntigua and BarbudaArgentinaArmeniaArubaAustraliaAustriaAzerbaijanBahamasBahrainBangladeshBarbadosBelarusBelgiumBelizeBeninBermudaBhutanBolivia, Plurinational State ofBosnia and HerzegovinaBotswanaBouvet IslandBrazilBritish Indian Ocean TerritoryBrunei DarussalamBulgariaBurkina FasoBurundiCambodiaCameroonCanadaCape VerdeCayman IslandsCentral African RepublicChadChileChinaChristmas IslandCocos (Keeling) IslandsColombiaComorosCongoCongo, the Democratic Republic of theCook IslandsCosta RicaCôte d’IvoireCroatiaCubaCuracaoCyprusCzech RepublicDenmarkDjiboutiDominicaDominican RepublicEcuadorEgyptEl SalvadorEquatorial GuineaEritreaEstoniaEswatiniEthiopiaFalkland Islands (Malvinas)Faroe IslandsFijiFinlandFranceFrench GuianaFrench PolynesiaFrench Southern TerritoriesGabonGambiaGeorgiaGermanyGhanaGibraltarGreeceGreenlandGrenadaGuadeloupeGuamGuatemalaGuernseyGuineaGuinea-BissauGuyanaHaitiHeard Island and McDonald IslandsHoly See (Vatican City State)HondurasHong KongHungaryIcelandIndiaIndonesiaIran, Islamic Republic ofIraqIrelandIsle of ManIsraelItalyJamaicaJapanJerseyJordanKazakhstanKenyaKiribatiKorea, Democratic People's Republic ofKorea, Republic ofKosovoKuwaitKyrgyzstanLao People's Democratic RepublicLatviaLebanonLesothoLiberiaLibyan Arab JamahiriyaLiechtensteinLithuaniaLuxembourgMacaoMacedonia, the former Yugoslav Republic ofMadagascarMalawiMalaysiaMaldivesMaliMaltaMarshall IslandsMartiniqueMauritaniaMauritiusMayotteMexicoMicronesia, Federated States ofMoldova, Republic ofMonacoMongoliaMontenegroMontserratMoroccoMozambiqueMyanmarNamibiaNauruNepalNetherlandsNetherlands AntillesNew CaledoniaNew ZealandNicaraguaNigerNigeriaNiueNorfolk IslandNorthern Mariana IslandsNorwayOmanPakistanPalauPalestine, State ofPanamaPapua New GuineaParaguayPeruPhilippinesPitcairnPolandPortugalPuerto RicoQatarRéunionRomaniaRussiaRwandaSaint BarthélemySaint Helena, Ascension and Tristan da CunhaSaint Kitts and NevisSaint LuciaSaint Martin (French part)Saint Pierre and MiquelonSaint Vincent and the GrenadinesSamoaSan MarinoSao Tome and PrincipeSaudi ArabiaSenegalSerbiaSeychellesSierra LeoneSingaporeSlovakiaSloveniaSolomon IslandsSomaliaSouth AfricaSouth Georgia and the South Sandwich IslandsSouth SudanSpainSri LankaSudanSurinameSvalbard and Jan MayenSwedenSwitzerlandSyrian Arab RepublicTaiwanTajikistanTanzania, United Republic ofThailandTimor-LesteTogoTokelauTongaTrinidad and TobagoTunisiaTurkeyTurkmenistanTurks and Caicos IslandsTuvaluUgandaUkraineUnited Arab EmiratesUnited KingdomUnited StatesUnited States Minor Outlying IslandsUruguayUzbekistanVanuatuVenezuela, Bolivarian Republic ofViet NamVirgin Islands, BritishVirgin Islands, U.S.Wallis and FutunaWestern SaharaYemenZambiaZimbabwe Country of Residence Postal code How did you learn about Pega? (required)Career FairCollege FairEmployee ReferralGlassdoorInstahyreJob BoardsJobStreetJobsDBLinkedIn - Ad ResponseNaukri.comPega AlumniPega WebsiteStack Overflow - Ad Response How did you learn about Pega? Enter genderMaleFemaleNon-BinaryI prefer not to self-identify Gender Password 8 characters minimum 1 number 1 special character (!@#%$*+.) 1 lowercase character 1 uppercase character Password By providing a password, you will become a Pega Digital Community Member and be able to track your application status Upload your resume Files Dropbox Google Drive UploadRequired, allowed file types are DOC, DOCX, PDF, TXT (2MB max)
Submit Application By clicking "Submit Application" I agree that I have read and agree to Pegasystems Privacy and Security Policy, Terms of Use, and Candidate Privacy Notice. If at any time I would like to opt-out of receiving text messages, I can text "stop" after receiving a text message from Pegasystems.