Product Security Operations Engineer

Product Security Operations Engineer

JavaScript Not Enabled

Your browser settings are preventing you from taking full advantage of the MathWorks Careers application.

You can enable JavaScript within the Options or Preferences menu of most browsers. For explicit instructions for your particular browser, visit www.enable-javascript.com.

Apply Now

• Job: 36666-MKAI
• Team: Product Development
• Location: US-MA-Natick
• Salary Range: $112,900 - $175,000

Job Summary

MathWorks is seeking a highly motivated Security Operation Engineer to help manage security incidents, address high-profile vulnerabilities, and enhance the security of our build and release infrastructure. In this role, you will own and operate our security infrastructure including defining and maintaining the system's threat model, ensuring proactive risk mitigation, and monitoring and remediating security issues.

The ideal candidate will possess a strong background in operational security and expertise in automation engineering.

Responsibilities

• Proactive identification and remediation of vulnerabilities
• Continuous monitoring and rapid incident response
• Consistent enforcement of security controls and best practices across environments
• Analyzing threat intel data and vulnerability trends over time to identify high impact security projects
• Improve processes, conduct RCAs, and help implement CMs for security issues/patterns across products

Minimum Qualifications

• A bachelor's degree and 3 years of professional work experience (or a master's degree, or equivalent experience) is required.

Additional Qualifications

• Proficiency with at least one programming language
• Strong understanding of the vulnerability management tool stack, including SAST, DAST, container scanning, dependency scanning, and infrastructure scanning tools (e.g., SonarQube, SemGrep, Burp, Black Duck, JFrog Xray, Wiz, etc.)
• Knowledge of application, cloud, network, and operating system security
• Proficiency in scripting (PowerShell, Python); relevant certifications (e.g., CISSP, Security+) are preferred
• Experience with OWASP Top 10, CVEs, insecure cloud configurations, container risks, and supply chain vulnerabilities
• Experience with security threat modeling, penetration testing, and security reviews
• Familiarity with secure coding techniques and best practices
• Knowledge of current cyber security trends, as well as the ongoing research of emerging threats and hacking techniques