Product Security Engineer (m/f/d)

Position: Product Security Engineer (m/f/d)
Location:  Available to candidates located in Poland

Aras is a leader in product lifecycle management (PLM) and digital thread solutions. As one of the fastest growing PLM companies, our technology enables the rapid delivery of flexible solutions built on a powerful digital thread backbone and a low-code development platform.  

Our platform and PLM applications connect users in all disciplines to critical product data and processes across the lifecycle and throughout the extended supply chain. The world’s largest manufacturers are leveraging Aras Innovator to manage their complex product lifecycles to improve production timelines, meet and exceed revenue growth targets, and accelerate innovation. We collaborate with companies in some of the most innovative industries, including automotive, industrial/heavy equipment, aerospace and defense, and high-tech electronics.  

As a Product Security Engineer specializing in our Security Operations Center (SOC) for Azure environments, you will play a crucial role in safeguarding our company’s digital assets. You will focus on monitoring, detecting, investigating, and responding to security threats, ensuring robust defense measures against potential security breaches. The ideal candidate will have an engineering-focused background and mindset to approach the role. This role is a product-focused position.  

The ideal candidate is expected to operate as the stand-alone Product Security Operations Engineer responsible for independently monitoring, detecting, investigating, and responding to threats without reliance on a full SOC team. 

Key Responsibilities 

• Threat Monitoring and Detection: Monitor Azure cloud infrastructure for potential threats using SOC tools and technologies. Analyze and prioritize alerts to identify security incidents.  

• Incident Response: Respond to Level 2 security incidents, coordinate with relevant teams to mitigate risks, and ensure timely resolution of security issues.  

• Security Investigations: Conduct detailed investigations in Aras SaaS of complex security incidents to determine root causes and the scope of the impact. Utilize forensic analysis techniques as needed.  

• Improvement of Detection Capabilities: Develop and refine SOC detection mechanisms in Azure. Customize security tools and technologies to enhance detection and response capabilities.  

• Collaboration and Reporting: Work closely with Product Security and Global Cloud Services teams to enhance overall security posture. Prepare detailed incident reports and documentation for both technical and non-technical stakeholders.  

• Automation and Tool Development: Develop scripts or tools to automate response and mitigation processes, enhancing the SOC’s operational efficiency.  

• Own the end-to-end SOC function, including workflows, runbooks, escalation models, and continuous improvement.  

• Drive operational security decisions and act as the primary incident commander for security events.  

• Build and mature SOC capabilities, including onboarding new data sources, improving alert fidelity, and optimizing operational processes.  

• Leverage AI/ML-powered security tools and detection engines to enhance monitoring, triage, and investigation workflows.  

• Evaluate and tune AI-assisted anomaly detection models to reduce false positives and improve threat identification accuracy.  

• Utilize LLM-based copilots or automated investigation frameworks to accelerate incident triage and response.  

• Assess security risks associated with AI workloads, including model abuse, prompt injection, data leakage, and adversarial scenarios.  

Required Qualifications 

• Education: Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field.  

• Experience operating security functions in Azure GovCloud or GCC High environments, including managing segregated environments, boundary protections, and compliance-driven logging limitations.  

• Understanding of U.S. Government cloud regulatory frameworks such as FedRAMP High, NIST 800-53, DoD SRG, and data residency requirements.  

• Familiarity with GovCloud-specific service differences, authentication flows, and monitoring constraints.  

• Practical experience securing Azure GovCloud environments subject to NIST 800-171 and CMMC 2.0, ensuring proper protection of CUI through compliant detection, response, and monitoring practices.  

• Certifications: Microsoft Certified: Security Operations Analyst Associate or other relevant Azure certifications.  

Preferred Qualifications  

• 3-5 years of experience in information security, specifically in a SOC environment.  

• Experience with Azure cloud services is highly preferred.  

• Desired: Experience with Managed Detection and Response (MDR) services.  

Technical Skills 

• Proficiency in security information and event management (SIEM) tools and technologies.  

• Strong understanding of network security, endpoint security, and cloud security principles.  

• Experience with scripting languages (e.g., Python, PowerShell) for automation.  

• Familiarity with Azure-specific tools and services for security management.  

Soft Skills 

• Strong analytical and problem-solving skills.  

• Excellent communication and teamwork abilities.  

• Comfortability to ask questions. 

• Receptive feedback. 

• Ability to handle high-pressure situations and make decisions quickly.