Product Security Engineer

Aras is a leader in product lifecycle management (PLM) and digital thread solutions. As one of the fastest growing PLM companies, our technology enables the rapid delivery of flexible solutions built on a powerful digital thread backbone and a low-code development platform. 

Our platform and PLM applications connect users in all disciplines to critical product data and processes across the lifecycle and throughout the extended supply chain. The world’s largest manufacturers are leveraging Aras Innovator to manage their complex product lifecycles to improve production timelines, meet and exceed revenue growth targets, and accelerate innovation. We collaborate with companies in some of the most innovative industries, including automotive, industrial/heavy equipment, aerospace and defense, and high-tech electronics. 

As a Product Security Engineer specializing in our Security Operations Center (SOC) for Azure environments, you will play a crucial role in safeguarding our company’s digital assets. You will focus on monitoring, detecting, investigating, and responding to security threats, ensuring robust defense measures against potential security breaches. 

Key Responsibilities

Threat Monitoring and Detection: Monitor Azure cloud infrastructure for potential threats using SOC tools and technologies. Analyze and prioritize alerts to identify security incidents. 

Incident Response: Respond to Level 2 security incidents, coordinate with relevant teams to mitigate risks, and ensure timely resolution of security issues. 

Security Investigations: Conduct detailed investigations of complex security incidents to determine root causes and the scope of the impact. Utilize forensic analysis techniques as needed. 

Improvement of Detection Capabilities: Develop and refine SOC detection mechanisms in Azure. Customize security tools and technologies to enhance detection and response capabilities. 

Collaboration and Reporting: Work closely with other security and Global Cloud Services teams to enhance overall security posture. Prepare detailed incident reports and documentation for both technical and non-technical stakeholders. 

Automation and Tool Development: Develop scripts or tools to automate response and mitigation processes, enhancing the SOC’s operational efficiency. 

Operate as the stand-alone Security Operations Engineer, responsible for independently monitoring, detecting, investigating, and responding to threats without reliance on a full SOC team. 

Own the end-to-end SOC function, including workflows, runbooks, escalation models, and continuous improvement. 

Drive operational security decisions and act as the primary incident commander for security events. 

Build and mature SOC capabilities, including onboarding new data sources, improving alert fidelity, and optimizing operational processes. 

Leverage AI/ML-powered security tools and detection engines to enhance monitoring, triage, and investigation workflows. 

Evaluate and tune AI-assisted anomaly detection models to reduce false positives and improve threat identification accuracy. 

Utilize LLM-based copilots or automated investigation frameworks to accelerate incident triage and response. 

Assess security risks associated with AI workloads, including model abuse, prompt injection, data leakage, and adversarial scenarios. 

Required Qualifications

Education: Bachelor’s degree in computer science, Information Technology, Cybersecurity, or a related field. 

Experience operating security functions in Azure GovCloud or GCC High environments, including managing segregated environments, boundary protections, and compliance-driven logging limitations. 

Understanding of U.S. Government cloud regulatory frameworks such as FedRAMP High, NIST 800-53, DoD SRG, and data residency requirements. 

Familiarity with GovCloud-specific service differences, authentication flows, and monitoring constraints. 

Practical experience securing Azure GovCloud environments subject to NIST 800-171 and CMMC 2.0, ensuring proper protection of CUI through compliant detection, response, and monitoring practices. 

Certifications: Microsoft Certified: Security Operations Analyst Associate or other relevant Azure certifications. 

Preferred Qualifications 

3+ years of experience in information security, specifically in a SOC environment. 

Experience with Azure cloud services is highly preferred. 

Desired: Experience with Managed Detection and Response (MDR) services. 

Technical Skills

Proficiency in security information and event management (SIEM) tools and technologies. 

Strong understanding of network security, endpoint security, and cloud security principles. 

Experience with scripting languages (e.g., Python, PowerShell) for automation. 

Familiarity with Azure-specific tools and services for security management. 

Soft Skills

Strong analytical and problem-solving skills. 

Excellent communication and teamwork abilities. 

Ability to handle high-pressure situations and make decisions quickly. 

We were recognized as a leader in The Forrester Wave™: Product Lifecycle Management for Discrete Manufacturers, Q1 2023 and were also named a leader in the 2023 SPARK Matrix for PLM by Quadrant Knowledge Solutions. Feedback from our community has established Aras as the top ranked PLM vendor in online review services like G2 and Gartner Peer Insights. 

With over 700 employees in 11 countries, we’re looking to add to our incredible team. If you’re passionate about helping develop next generation product innovation, we encourage you to apply! 

Compensation for the role will be commensurate with experience.

The total expected base salary range will be between $120,000-$140,000. This position is eligible for additional compensation. 

Flexible paid time off to recharge when you need it, plus company-paid holidays and a dedicated Global Wellness Day. 

A 401(k) plan with company match to help you invest in your future. 

Robust health coverage, including generous medical, dental, and vision insurance with high premium contributions and deductible reimbursement. 

Company-paid life insurance, as well as short- and long-term disability coverage for added peace of mind. 

Please visit our Privacy Notice and our California Consumer Privacy Act (CCPA).