Senior SOC Security Engineer

Role Overview

Senior SOC Security Engineer focused on detection engineering, incident response, and software supply chain security in a 24/7 Security Operations Center. This is a hands-on engineering role for someone who enjoys solving complex security problems and driving real impact.

Responsibilities

• Lead incident response efforts across various security events, including identity-based and supply chain attacks
• Design and improve detection use cases, alerting logic, and threat models
• Perform deep-dive investigations into software supply chain threats (malicious packages, dependency compromises)
• Conduct threat hunting to identify emerging attack patterns
• Build and enhance SIEM detections and improve signal-to-noise ratio
• Collaborate with engineering teams to integrate security into CI/CD pipelines
• Analyze and remediate vulnerabilities in third-party dependencies and open-source components
• Mentor junior SOC analysts and contribute to overall SOC maturity

Shift Details

• Primary Shift: 3:00 PM – 12:00 AM (1-hour break)
• Weekend Rotation: Every 5th weekend (Sat/Sun overnight shift)
• Comp Days: Provided before/after weekend rotation

Required Experience

• Strong background in SOC operations and incident response
• Experience with SIEM/EDR tools (Splunk, Sentinel, QRadar, CrowdStrike, etc.)
• Hands-on experience in detection engineering, alert tuning, and threat detection
• Solid understanding of MITRE ATT&CK framework
• Experience with application security (SAST, DAST, SCA, OWASP Top 10)
• Knowledge of software supply chain security risks (dependency confusion, malicious packages, etc.)
• Familiarity with cloud environments (AWS, Azure, or GCP)
• Scripting/automation experience (Python, PowerShell, or similar)

Nice to Have

• Experience with SCA platforms (jFrog, Socket.dev, or similar)
• Background in DevSecOps and CI/CD security integration
• Certifications such as CISSP, GIAC, OSCP, CSSLP