Jobs · Information Technology · Massachusetts

Product Security Engineer

Aras Corporation · Andover, MA · 2 wk ago
HybridInformation Technology$100k–$125k/yrFull-time

Key Responsibilities

  • Monitor Azure cloud infrastructure for potential threats using SOC tools and technologies.
  • Analyze and prioritize alerts to identify security incidents.
  • Respond to Level 2 security incidents, coordinate with relevant teams to mitigate risks, and ensure timely resolution of security issues.
  • Conduct detailed investigations in Aras SaaS of complex security incidents to determine root causes and the scope of the impact.
  • Utilize forensic analysis techniques as needed.
  • Develop and refine SOC detection mechanisms in Azure.
  • Customize security tools and technologies to enhance detection and response capabilities.
  • Work closely with Product Security and Global Cloud Services teams to enhance overall security posture.
  • Prepare detailed incident reports and documentation for both technical and non-technical stakeholders.
  • Develop scripts or tools to automate response and mitigation processes, enhancing the SOC’s operational efficiency.
  • Own the end-to-to SOC function, including workflows, run books, escalation models, and continuous improvement.
  • Drive operational security decisions and act as the primary incident commander for security events.
  • Build and mature SOC capabilities, including onboarding new data sources, improving alert fidelity, and optimizing operational processes.
  • Leverage AI/ML-powered security tools and detection engines to enhance monitoring, triage, and investigation workflows.
  • Evaluate and tune AI-assisted anomaly detection models to reduce false positives and improve threat identification accuracy.
  • Utilize LLM-based copilots or automated investigation frameworks to accelerate incident triage and response.
  • Assess security risks associated with AI workloads, including model abuse, prompt injection, data leakage, and adversarial scenarios.

Required Qualifications

  • Education: Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field.
  • Experience operating security functions in Azure GovCloud or GCC High environments, including managing segregated environments, boundary protections, and compliance-driven logging limitations.
  • Understanding of U.S. Government cloud regulatory frameworks such as FedRAMP High, NIST 800-53, DoD SRG, and data residency requirements.
  • Familiarity with GovCloud-specific service differences, authentication flows, and monitoring constraints.
  • Practical experience securing Azure GovCloud environments subject to NIST 800-171 and CMMC 2.0, ensuring proper protection of CUI through compliant detection, response, and monitoring practices.
  • Certifications: Microsoft Certified: Security Operations Analyst Associate or other relevant Azure certifications.

Preferred Qualifications

  • 3-5 years of experience in information security, specifically in a SOC environment.
  • Experience with Azure cloud services is highly preferred.
  • Desired: Experience with Managed Detection and Response (MDR) services.

Technical Skills

  • Proficiency in security information and event management (SIEM) tools and technologies.
  • Strong understanding of network security, endpoint security, and cloud security principles.
  • Experience with scripting languages (e.g., Python, PowerShell) for automation.
  • Familiarity with Azure-specific tools and services for security management.

Soft Skills

  • Strong analytical and problem-solving skills.
  • Excellent communication and teamwork abilities.
  • Comfortable asking questions and receptive to feedback.
  • Ability to handle high-pressure situations and make decisions quickly.

Similar jobs

Product Security Engineer

Applied IntuitionSunnyvale, CA· 3 wk ago
Information Technology$133k–$190k/yrapply on jobs.ashbyhq.com