AppSec Jobs
← Back to all jobs

MathWorks

Product Security Operations Engineer

Onsite
Natick, MAPosted 6 days ago$112,900 - $175,000Website
Apply on LinkedIn →

At a Glance

PythonOWASPPen TestingThreat ModelingSASTDAST

About This Role

MathWorks is seeking a highly motivated Security Operations Engineer to help manage security incidents, address high-profile vulnerabilities, and enhance the security of the build and release infrastructure. In this role, you will own and operate the security infrastructure including defining and maintaining the system's threat model, ensuring proactive risk mitigation, and monitoring and remediating security issues. The ideal candidate will possess a strong background in operational security and expertise in automation engineering.

Responsibilities

  • Proactive identification and remediation of vulnerabilities
  • Continuous monitoring and rapid incident response
  • Consistent enforcement of security controls and best practices across environments
  • Analyzing threat intel data and vulnerability trends over time to identify high impact security projects
  • Improve processes, conduct RCAs, and help implement CMs for security issues/patterns across products

Requirements

SASTDASTSonarQubeSemGrepPythonCISSPOWASP
  • Bachelor's degree and 3 years of professional work experience (or master's degree, or equivalent experience)
  • Proficiency with at least one programming language
  • Strong understanding of the vulnerability management tool stack, including SAST, DAST, container scanning, dependency scanning, and infrastructure scanning tools (SonarQube, SemGrep, Burp, Black Duck, JFrog Xray, Wiz, etc.)
  • Knowledge of application, cloud, network, and operating system security
  • Proficiency in scripting (PowerShell, Python)
  • Relevant certifications (CISSP, Security+) preferred
  • Experience with OWASP Top 10, CVEs, insecure cloud configurations, container risks, and supply chain vulnerabilities
  • Experience with security threat modeling, penetration testing, and security reviews
  • Familiarity with secure coding techniques and best practices
  • Knowledge of current cyber security trends, ongoing research of emerging threats and hacking techniques

Benefits & Perks

Opportunity to collaborate with bright, passionate people
Opportunity to accelerate the pace of discovery, innovation, and learning in engineering and science
Enjoyable, participatory, and rational work environment
Individual growth opportunities
Initiative encouragement
Values collaboration
Shares success
Rewards excellence

About MathWorks

MathWorks, founded in 1984, is a privately held company based in Natick, Massachusetts. It specializes in developing mathematical computing software, primarily known for its flagship products, MATLAB and Simulink. These tools are widely used by engineers and scientists for algorithm development, simulation, data analysis, and visualization. The company has a strong global presence, serving over 1,000,000 users across more than 100 countries, including businesses, universities, and government organizations. In addition to MATLAB and Simulink, MathWorks offers over 130 specialized products, including toolboxes for various applications such as image processing, control systems, and deep learning. The company is committed to supporting innovation and discovery in engineering and science through its technical computing environments. With a history of profitability and a mission to enhance technical computing, MathWorks continues to be a key player in the industry.

Industry

information technology & services

Employees

6,500

3610 engineers

Revenue

$1.5B

Website

Visit →

Security at MathWorks

Compiled from public job postings, careers pages, and company materials. Data may not reflect current state — verify during interviews.

3 Intel Signals

Security Philosophy

  • MathWorks embeds 'shift-left' security into infrastructure, CI/CD pipelines, and operations.
  • The philosophy emphasizes developer enablement through ownership of CI/CD processes, Artifactory, and Internal Developer Platforms. The risk philosophy centers on owning and operating security infrastructure including defining and maintaining threat models.
  • Key priorities include proactive identification and remediation of vulnerabilities, continuous monitoring, and rapid incident response.

Security Team

  • The AppSec team at MathWorks consists of approximately 10-20 identified security professionals in engineering roles.
  • Key leaders include Michael Carvalho (Principal Information Security Engineer), Akshay Kaikottil (Web Application Security Engineer), and Cody Bergantino (Information Security Engineer).
  • The team partners closely with the Product Security team to align strategies and share expertise under the Head of Information Security.
  • There are currently 4 active AppSec job postings with common skill patterns emphasizing CI/CD protection, threat modeling, and proficiency with tools like SonarQube, SemGrep, and Black Duck.

Key Initiatives

  • MathWorks is implementing 'shift-left' security practices embedded into infrastructure and CI/CD pipelines.
  • The company has adopted SLSA (Supply-chain Levels for Software Artifacts) standards for CI/CD processes.
  • Vulnerability management includes a formal disclosure policy with intake at product-security@mathworks.com and timely response from the security team.
  • Secure SDLC practices include security standards and best practices documentation, and guidelines for authoring secure web applications in MATLAB Web App Server.

Preparing for an AppSec interview?

Get the weekly briefing 2,000+ security pros trust.

Interested in this role?

Apply on LinkedIn