Cybersecurity Engineer – SecDevOps
Ares Management · New York, NY
- On site
- Full-time
- $270,000 / year
- New York, NY
Job highlights
- Embed security into software delivery lifecycle.
- Build secure-by-default tooling and automate controls.
- Design scalable guardrails for secure engineering.
- Balance developer needs with risk pragmatism.
- Partner across development, operations, and security.
About the role
About Ares Management
Over the last 20 years, Ares’ success has been driven by our people and our culture. Today, our team is guided by our core values – Collaborative, Responsible, Entrepreneurial, Self-Aware, Trustworthy – and our purpose to be a catalyst for shared prosperity and a better future. Through our recruitment, career development and employee-focused programming, we are committed to fostering a welcoming and inclusive work environment where high-performance talent of diverse backgrounds, experiences, and perspectives can build careers within this exciting and growing industry.
Job Description
Job Family: Cybersecurity Engineering
Reporting Relationships
Reports to: Principal, Cybersecurity Engineering Manager
Direct Reports: None
Position Summary Statement
We’re looking for a SecDevOps-focused Security Engineer who enjoys embedding security into the software delivery lifecycle and partnering across development, operations, and security teams. In this role, you’ll help build secure-by-default tooling, automate security controls, and design scalable guardrails that make secure engineering easy. Whether your background is traditional or non-traditional, if you’re passionate about automation, cloud security, and enabling developers, we encourage you to apply.
We’re seeking someone who is excited to bring an automation-first mindset and who knows how to balance developer needs with risk-informed pragmatism. You will bridge security, dev, and ops cultures by translating between devs who want speed, security teams who want safety, and ops teams who want stability.
We value diverse backgrounds, perspectives, and experiences, and we are committed to building a team where everyone feels they belong. We especially encourage candidates from underrepresented communities in cybersecurity and technology to apply. Our interview process focuses on problem-solving ability, practical skills, and collaborative mindset.
Detailed Responsibilities/Duties
You will help advance our automation‑first engineering strategy by designing and maintaining the foundational systems that enable secure, reliable, and scalable software delivery across the organization.
Build and Evolve CI/CD Foundations
- Design, operate, and continuously improve CI/CD pipelines using modern tooling to enable rapid, consistent, and high‑quality software delivery.
- Automate build, test, and deployment workflows to reduce manual effort and improve engineering velocity.
Implement Infrastructure as Code
- Use Terraform, CloudFormation, or similar IaC technologies to define and manage cloud infrastructure in a scalable, repeatable, and version‑controlled manner.
- Ensure infrastructure is provisioned reliably and consistently through code‑driven automation.
Drive Configuration Management Excellence
- Leverage tools such as Ansible, Chef, or Puppet to automate system configuration and maintain standardized environments across development, staging, and production.
- Ensure configuration drift is minimized and environments remain aligned with security and compliance requirements.
Advance Containerization and Orchestration
- Build and maintain containerized application patterns using Docker.
- Utilize Kubernetes (or equivalent orchestration platforms) to deploy, scale, and operate containerized workloads in a resilient, automated fashion.
Lead Scripting & Automation
- Develop automation using Python, Bash, PowerShell, or similar languages to eliminate repetitive tasks and improve operational efficiency.
- Create custom tooling that supports engineering workflows, observability, and security automation.
Strengthen Monitoring & Observability
- Implement and maintain monitoring, logging, and alerting systems—leveraging tools such as Splunk—to ensure environment health, availability, and performance.
- Develop proactive detection mechanisms to identify and remediate issues before they impact operations.
Champion Version Control Best Practices
- Use Git to manage source code, configuration, and infrastructure artifacts while promoting strong branching, pull request, and code review practices.
- Help teams adopt workflows that enhance collaboration and code quality.
Optimize Cloud Platform Automation
- Work with Azure and other cloud platforms to build scalable, secure, and highly automated infrastructure.
- Leverage cloud‑native capabilities to improve performance, reliability, and cost efficiency.
Embed Security Automation into Engineering Workflows
- Automate critical security controls—including vulnerability scanning, compliance validation, policy enforcement, and incident response.
- Integrate security scanning and guardrails directly into CI/CD pipelines to ensure continuous security from commit through production.
Demonstrate Collaboration And Communication
- Effective communication skills to collaborate with development, operations, and security teams.
- Promoting a culture of SecDevOps and automation within the organization.
- Automating the build, test, and deployment processes to ensure rapid and reliable delivery of software.
Use Your Soft Skills
- Excellent leadership and team management skills.
- Strong analytical and problem-solving abilities, supported by inclusive collaboration with team members with diverse working and thinking styles.
- Ability to stay updated with the latest security trends and threats.
Supervisory Responsibilities: None
Required Qualifications
We don’t expect expertise in every tool listed; experience with similar technologies is equally valuable.
- Significant experience in Cybersecurity (typically 8+ years), with significant hands-on experience in Security Engineering, DevOps, SRE, AppSec automation, or Platform Engineering OR equivalent practical expertise gained through nontraditional paths
- Hands-on with one or more CI/CD stacks (GitHub Actions, GitLab CI, Azure DevOps, Jenkins)
- Proficient in Terraform/IaC, Kubernetes, and cloud provider security (Azure preferred)
- Experience integrating SAST/SCA/DAST, container/IaC scanners, and secret scanning into pipelines
- Strong scripting in Python and/or Bash; infrastructure tooling (Helm, kustomize)
- Familiarity with OIDC workload identity, artifact registries, and software supply chain controls
- Clear communicator who can translate risk into engineering work
Preferred Qualifications
- Built policy gates with OPA/Gatekeeper or Kyverno; authored custom policies.
- Implemented sigstore cosign, admission controls, and image allowlists.
- Experience with Falco or cloud runtime sensors; integrated with SIEM/SOAR (Splunk, Sentinel).
- Knowledge of SLSA, NIST SSDF, CIS Benchmarks, MITRE ATT&CK for Containers/Cloud.
- Exposure to secrets lifecycle automation (rotation, dynamic creds), Vault or cloud-native KMS.
- Background in threat modeling and attack surface reduction for microservices.
Education
Bachelor’s degree, relevant technical training, or equivalent hands-on experience. We welcome candidates with nontraditional educational paths. Professional Certifications (e.g., GSEC, GCIA, CISSP, OSCP) are valued but not required. Advanced certifications in cloud and AI security are a plus.
General Requirements
- Strong sense of ownership, accountability, and attention to detail.
- Ability to manage competing priorities and deliver results in a dynamic environment while maintaining healthy work practices.
- Proven track record of developing and maintaining structured processes that support efficiency, scalability, and rapid business growth.
- Inclusive leadership style; ability to work effectively with collaborators who have diverse backgrounds, communication styles, and technical strengths.
- Curiosity and a growth mindset, with the ability to adapt approaches to evolving technology landscapes.
- Strong communication skills for bridging technical and business perspectives.
- Role requires occasional coordination with global teams; we support flexible scheduling to accommodate individual needs.
- The team supports different communication and work styles.
Why Join Us
You will have the opportunity to define foundational controls for rapidly expanding cloud and AI environments, influence enterprise-wide security strategy, and collaborate with highly skilled engineering and security teams across the organization. Your work will directly safeguard the platforms that power next-generation innovation in one of the industry’s most dynamic environments.
We are committed to equitable hiring. Candidates may qualify through a combination of education, training, lived experience, or self-directed learning. If you’re excited about the role but don’t meet every listed requirement, we encourage you to apply.
Reporting Relationships
Principal, Cybersecurity Platform Engineering
Compensation
The anticipated base salary range for this position is listed below. Total compensation may also include a discretionary performance-based bonus. Note, the range takes into account a broad spectrum of qualifications, including, but not limited to, years of relevant work experience, education, and other relevant qualifications specific to the role.
$240,000 - $270,000
The firm also offers robust Benefits offerings. Ares U.S. Core Benefits include Comprehensive Medical/Rx, Dental and Vision plans; 401(k) program with company match; Flexible Savings Accounts (FSA); Healthcare Savings Accounts (HSA) with company contribution; Basic and Voluntary Life Insurance; Long-Term Disability (LTD) and Short-Term Disability (STD) insurance; Employee Assistance Program (EAP), and Commuter Benefits plan for parking and transit.
Ares offers a number of additional benefits including access to a world-class medical advisory team, a mental health app that includes coaching, therapy and psychiatry, a mindfulness and wellbeing app, financial wellness benefit that includes access to a financial advisor, new parent leave, reproductive and adoption assistance, emergency backup care, matching gift program, education sponsorship program, and much more.
There is no set deadline to apply for this job opportunity. Applications will be accepted on an ongoing basis until the search is no longer active.
Key skills/competency
- Cybersecurity Engineering
- SecDevOps
- CI/CD Automation
- Infrastructure as Code (IaC)
- Containerization (Docker, Kubernetes)
- Cloud Security (Azure)
- Scripting (Python, Bash)
- Monitoring and Observability
- Version Control (Git)
- Security Automation
Skills & topics
- Cybersecurity Engineer
- SecDevOps
- DevOps
- Security Engineering
- Cloud Security
- Automation
- CI/CD
- Kubernetes
- Terraform
- Python
- Azure
- Incident Response
- Vulnerability Scanning
- Compliance
- Platform Engineering
- SRE
How to get hired
- Tailor your resume: Highlight SecDevOps, cloud security, and automation experience relevant to Ares' needs.
- Showcase automation skills: Emphasize proficiency in Python, Bash, IaC tools like Terraform, and CI/CD pipelines.
- Demonstrate collaboration: Provide examples of working with development, operations, and security teams.
- Prepare for technical questions: Be ready to discuss cloud security concepts, containerization, and security automation strategies.
- Understand company values: Align your responses with Ares' core values: Collaborative, Responsible, Entrepreneurial, Self-Aware, Trustworthy.
Technical preparation
Behavioral questions
Frequently asked questions
- What is the typical career path for a Cybersecurity Engineer SecDevOps at Ares Management?
- At Ares Management, a Cybersecurity Engineer SecDevOps can progress to roles like Principal Cybersecurity Engineer, Cybersecurity Engineering Manager, or specialize further in areas like cloud security architecture or application security. The focus on automation and SecDevOps principles provides a strong foundation for growth within the cybersecurity and engineering domains.
- What are the core technologies used by the Cybersecurity Engineering team at Ares Management?
- The Cybersecurity Engineering team at Ares Management heavily utilizes CI/CD tools (GitHub Actions, GitLab CI, Azure DevOps, Jenkins), Infrastructure as Code (Terraform), containerization (Docker, Kubernetes), scripting languages (Python, Bash), and cloud platforms, with a preference for Azure. They also employ monitoring tools like Splunk and configuration management tools such as Ansible.
- How does Ares Management approach diversity and inclusion in their hiring for Cybersecurity Engineer SecDevOps roles?
- Ares Management is committed to fostering an inclusive work environment and values diverse backgrounds, experiences, and perspectives. They specifically encourage candidates from underrepresented communities in cybersecurity and technology to apply and state that qualifications can be met through a combination of education, training, lived experience, or self-directed learning.
- What is the interview process like for the Cybersecurity Engineer SecDevOps position at Ares Management?
- The interview process at Ares Management for this role focuses on problem-solving ability, practical skills, and a collaborative mindset. While specific details aren't provided, it typically involves technical assessments, behavioral questions, and discussions about your experience integrating security into the software development lifecycle.
- Does Ares Management offer opportunities for professional development in cybersecurity?
- Yes, Ares Management emphasizes career development and employee-focused programming. For a Cybersecurity Engineer SecDevOps, this likely includes opportunities to stay updated on the latest security trends, pursue advanced certifications in cloud and AI security, and gain experience with cutting-edge technologies in a dynamic environment.
- What is the expected work arrangement for this Cybersecurity Engineer SecDevOps role at Ares Management?
- While not explicitly stated as remote or hybrid, the job description mentions occasional coordination with global teams and support for flexible scheduling. This suggests a potential for hybrid or remote work, but it's advisable to clarify during the application or interview process.