U

Senior SOC Security Engineer - Application Security & Incident Response

Unisys โ€ข United State
Remote
Apply
AI Summary

Lead incident response and threat detection for 24x7 Security Operations Center operations. Design security controls for third-party dependencies and conduct deep-dive investigations into software supply chain threats. Mentor junior analysts and collaborate with development teams to integrate security into CI/CD pipelines.

Key Highlights
24x7 SOC coverage with night shift (11pm-8am ET)
Application security expertise with software supply chain threat hunting
Mentorship of junior analysts and incident response leadership
Key Responsibilities
Design and implement security controls for third-party software dependencies and open-source components
Monitor, detect, and respond to security incidents
Develop and execute vulnerability management strategies with emphasis on exploitability and reachability analysis
Conduct deep-dive investigations into Software supply chain Security (SSCS) threats, compromised dependencies, and malicious packages
Perform threat hunting for emerging attack vectors
Assess and mitigate risks associated with software dependencies across enterprise systems and applications
Lead incident response efforts for identity-based attacks and supply chain compromise
Develop detection use cases and threat models specific to SSCS attack vectors
Establish security practices for evaluating and vetting third-party packages and libraries
Collaborate with DevOps and engineering teams to integrate security into CI/CD pipelines
Technical Skills Required
SIEM & EDR Tools Software Supply Chain Security (SSCS) Application Security Tools (SAST, DAST, SCA)
Benefits & Perks
Remote work anywhere in US

Job Description


Role: SOC Senior Security Engineer

Location: REMOTE โ€“ NIGHT SHIFT

Timings/location: 11 pm-8:00 am et/ REMOTE anywhere in US


Must:

  • SOC /Incidence Response
  • Detection engineering
  • Hands on Investigating and Alerts

Bonuses (not critical):

  • Splunk, threat hunting

JD:

We are seeking a highly skilled Senior SOC Security Engineer with expertise in Application Security to join our dynamic cybersecurity team. This role requires flexibility to support our 24x7x365 Security Operations Center, including regular off-hours coverage. This role is for Shift 3 (11pm-8am). This role blends real-time threat detection and response with proactive application security strategies to protect our digital assets and infrastructure.


As a senior member of the SOC, you will lead incident response efforts, mentor junior analysts, and collaborate with development teams to embed security into the software development lifecycle (SDLC). Youโ€™ll be instrumental in shaping our security posture across both operational and application layers.


โ€ข Design and implement security controls for third-party software dependencies and open-source components

โ€ข Monitor, detect, and respond to security incidents

โ€ข Develop and execute vulnerability management strategies with emphasis on exploitability and reachability analysis

โ€ข Conduct deep-dive investigations into Software supply chain Security (SSCS) threats, compromised dependencies, and malicious packages

โ€ข Perform threat hunting for emerging attack vectors

โ€ข Assess and mitigate risks associated with software dependencies across enterprise systems and applications

โ€ข Lead incident response efforts for identity-based attacks and supply chain compromise

โ€ข Develop detection use cases and threat models specific to SSCS attack vectors

โ€ข Establish security practices for evaluating and vetting third-party packages and libraries

โ€ข Collaborate with DevOps and engineering teams to integrate security into CI/CD pipelines


Required Skills & Qualifications

ยท 7+ years of experience in SOC operations and incident response

ยท Desired Certifications such as CISSP, CASE, OSCP, CSSLP, or GIAC

Technical Skills

ยท SIEM & EDR Tools: Proficiency with platforms like Splunk, Sentinel, QRadar, CrowdStrike

ยท Deep understanding of SSCS attack vectors (dependency confusion, compromised packages, malicious commits, backdoors)

ยท Strong knowledge of package managers (npm, PyPI, Maven, NuGet, etc.) and their security implications

ยท Hands-on experience with artifact repository management tools

ยท Application Security Tools: Experience with SAST, DAST, and SCA tools (e.g., Veracode, Burp Suite, SonarQube)

ยท Secure Coding Practices: Deep understanding of OWASP Top 10, SANS 25, and remediation techniques

ยท Cloud Security: Familiarity with AWS, Azure, or GCP security configurations and container security

ยท Proficiency with software composition analysis (SCA) tools and vulnerability reachability concepts

ยท Familiarity with cloud platforms (AWS, Azure, GCP) and container security

ยท Experience integrating security into CI/CD pipelines

ยท Familiarity with DevSecOps principle

Soft Skills & Leadership

ยท Strong analytical thinking and attention to detail

ยท Excellent communication skills for cross-functional collaboration

ยท Ability to mentor junior analysts and lead incident response efforts


Similar Jobs

Explore other opportunities that match your interests

Staff Security Engineer

Cyber Security
โ€ข
4m ago
Visa Sponsorship Relocation Remote
Job Type Full-time
Experience Level Not Applicable

Grow Therapy

United State

Principal Cybersecurity Analyst - AI Security & GRC

Cyber Security
โ€ข
2h ago

Premium Job

Sign up is free! Login or Sign up to view full details.

โ€ขโ€ขโ€ขโ€ขโ€ขโ€ข โ€ขโ€ขโ€ขโ€ขโ€ขโ€ข โ€ขโ€ขโ€ขโ€ขโ€ขโ€ข
Job Type โ€ขโ€ขโ€ขโ€ขโ€ขโ€ข
Experience Level โ€ขโ€ขโ€ขโ€ขโ€ขโ€ข

ut md anderson

United State
Visa Sponsorship Relocation Remote
Job Type Contract
Experience Level Not Applicable

Alignerr

United State

Subscribe our newsletter

New Things Will Always Update Regularly