Product Security Engineer

Key Responsibilities

• Threat Monitoring and Detection:
  Monitor Azure cloud infrastructure for potential threats using SOC tools and technologies. Analyze and prioritize alerts to identify security incidents.
• Incident Response:
  Respond to Level 2 security incidents, coordinate with relevant teams to mitigate risks, and ensure timely resolution of security issues.
• Security Investigations:
  Conduct detailed investigations in Aras SaaS of complex security incidents to determine root causes and the scope of the impact. Utilize forensic analysis techniques as needed.
• Improvement of Detection Capabilities:
  Develop and refine SOC detection mechanisms in Azure. Customize security tools and technologies to enhance detection and response capabilities.
• Collaboration and Reporting:
  Work closely with Product Security and Global Cloud Services teams to enhance overall security posture. Prepare detailed incident reports and documentation for both technical and non‑technical stakeholders.
• Automation and Tool Development:
  Develop scripts or tools to automate response and mitigation processes, enhancing the SOC’s operational efficiency.
• Own the end‑to‑end SOC function, including workflows, run books, escalation models, and continuous improvement.
• Drive operational security decisions and act as the primary incident commander for security events.
• Build and mature SOC capabilities, including onboarding new data sources, improving alert fidelity, and optimizing operational processes.
• Leverage AI/ML‑powered security tools and detection engines to enhance monitoring, triage, and investigation workflows.
• Evaluate and tune AI‑assisted anomaly detection models to reduce false positives and improve threat identification accuracy.
• Utilize LLM‑based copilots or automated investigation frameworks to accelerate incident triage and response.
• Assess security risks associated with AI workloads, including model abuse, prompt injection, data leakage, and adversarial scenarios.

• Education:
  
  Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field.
• Experience operating security functions in Azure Gov Cloud or GCC High environments, including managing segregated environments, boundary protections, and compliance‑driven logging limitations.
• Understanding of U.S. Government cloud regulatory frameworks such as FedRAMP High, NIST 800‑53, DoD SRG, and data residency requirements.
• Familiarity with Gov Cloud‑specific service differences, authentication flows, and monitoring constraints.
• Practical experience securing Azure Gov Cloud environments subject to NIST 800‑171 and CMMC 2.0, ensuring proper protection of CUI through compliant detection, response, and monitoring practices.
• Certifications:
  
  Microsoft Certified:
  Security Operations Analyst Associate or other relevant Azure certifications.

• 3‑5 years of experience in information security, specifically in a SOC environment.
• Experience with Azure cloud services is highly preferred.
• Desired:
  Experience with Managed Detection and Response (MDR) services.

• Proficiency in security information and event management (SIEM) tools and technologies.
• Strong understanding of network security, endpoint security, and cloud security principles.
• Experience with scripting languages (e.g., Python, Power Shell) for automation.
• Familiarity with Azure‑specific tools and services for security management.

• Strong analytical and problem‑solving skills.
• Excellent communication and teamwork abilities.
• Comfortability to ask questions.
• Receptive feedback.
• Ability to handle high‑pressure situations and make decisions quickly.

The total expected base salary range will be between $100,000‑125,000. This position is eligible for additional compensation. Compensation for the role will be commensurate with experience.

• A 401(k) plan with company match to help you invest in your future.
• Robust health coverage, including generous medical, dental, and vision insurance with high premium contributions and deductible reimbursement.
• Company‑paid life insurance, as well as short‑ and long‑term disability coverage for added peace of mind.
• Flexible paid time off, company‑paid holidays, and a dedicated Global Wellness Day.