Product Security Engineer

Aras Product Security Team is growing and seeks a Product Security Engineer focused on developing and maintain the Continuous Integration and Continuous Delivery (CI/CD) pipelines, driving the DevSecOps culture with the Aras product, cloud, and development teams. This person will be working closely with our internal product and development teams to ensure timely resolution of found security gaps. This position requires strong technical and good communication skills, with experience in integrating the SAST/DAST/SCA tools into the CI/CD process.

Position Duties:

• Work as a DevSecOps Engineer focusing on problems at Scale involving Jenkins, Kubernetes, Azure.
• Provide expertise in system integration in an Agile environment.
• Provide expertise in Continuous test/integration/deployment platforms.
• Develop and integrate quick Bash/Python/PowerShell/Groovy scripts.
• Help in DevSecOps tasks such as container security, hardening, baselining, and CI/CD.
• Collaborate and communicate effectively with product and development teams to ensure security is championed throughout their processes.
• Eagerly look for opportunities to automate.
• Learn new tools by building upon experience in foundational knowledge.
• Be an active member in daily scrum meetings, bi-weekly iteration planning’s, and SAFe increment planning’s, and as-needed pairing sessions.

Candidate Requirements:

• Good (2+ years) experience of Jenkins automation server, preferably with a coding/development background.
• Good (2+ years) experience of scripting languages (Python/PowerShell/Bash).
• Good understanding of standard networking protocols and components such as HTTP, DNS, TCP/IP, VPN, Networking, and Load Balancing.
• Cloud Security Experience (Azure, AWS).
• Bachelor’s degree in an Information Technology related field of study or equivalent experience.
• Self-motivation and the ability to work under minimal supervision.
• Certifications: Microsoft Certified: Azure Security Engineer Associate or other relevant Azure certifications.

Would be a plus:

• Familiarity with infrastructure-as-code (Terraform).

Knowledge of Azure DevOps.