Product Security Engineer - Aras Corporation

Position: Product Security Engineer (m/f/d) Location: Available to candidates located in Poland

Aras is expanding its Product Security team and is seeking a Product Security Engineer with strong DevSecOps expertise to help secure our products, cloud platforms, and software development lifecycle. This role will be responsible for designing, implementing, and maintaining secure CI/CD pipelines, integrating security controls throughout the development process, and driving a security-first engineering culture across product and cloud teams. As part of the Product Security organization, you will partner closely with software engineers, cloud architects, DevOps teams, and security stakeholders to identify, prioritize, and remediate security risks at scale. You will play a key role in advancing Aras' DevSecOps maturity while helping shape the future of Agentic Security by leveraging automation, AI-assisted security workflows, and autonomous security operations.

This position requires strong technical expertise, excellent communication skills, and hands-on experience integrating SAST, DAST, SCA, container security, and cloud security controls into modern CI/CD

environments.

Key Responsibilities

DevSecOps Engineering

• Design, develop, and maintain secure CI/CD pipelines using Jenkins, Kubernetes, Azure, and cloud-native technologies. • Integrate security controls and automated security testing into the software delivery lifecycle. • Implement and manage SAST, DAST, SCA, secrets detection, IaC scanning, container security, and software supply chain security controls. • Drive security automation initiatives to reduce manual effort and accelerate secure software delivery. • Partner with engineering teams to remediate identified vulnerabilities and security gaps in a timely manner. Product Security • Collaborate with product, development, and cloud engineering teams to embed security requirements throughout the SDLC. • Conduct security reviews of applications, infrastructure, CI/CD workflows, and deployment architectures. • Support threat modeling, risk assessments, and secure design reviews. • Help establish security baselines, hardening standards, and secure deployment practices. Agentic Security & Security Automation • Leverage AI-powered security tooling to improve vulnerability management, detection, triage, and remediation workflows. • Develop automated security guardrails and policy enforcement mechanisms for developer self- service platforms. • Contribute to secure AI adoption initiatives, including AI governance, model security, and protection of AI-assisted development workflows.

Engineering & Collaboration

• Develop automation solutions using Python, PowerShell, Bash, or Groovy.

• Provide expertise in Agile.

• Participate in daily standups, sprint planning, retrospectives, and collaborative design