Tential Solutions · 2 weeks ago
Senior SOC Security Engineer – Appsec
Rockville, MD
Contract
Hybrid
Senior Level
5+ years expTential Solutions is seeking a highly skilled Senior SOC Security Engineer with deep expertise in Application Security to join their dynamic cybersecurity team. This role involves leading incident response efforts, mentoring junior analysts, and collaborating with development teams to ensure security is embedded in the software development lifecycle.
Human ResourcesInformation Technology
Responsibilities
Design and implement security controls for third-party software dependencies and open-source components
Monitor, detect, and respond to security incidents
Develop and execute vulnerability management strategies with emphasis on exploitability and reachability analysis
Conduct deep-dive investigations into Software supply chain Security (SSCS) threats, compromised dependencies, and malicious packages
Perform threat hunting for emerging attack vectors
Assess and mitigate risks associated with software dependencies across enterprise systems and applications
Lead incident response efforts for identity-based attacks and supply chain compromises
Develop detection use cases and threat models specific to SSCS attack vectors
Establish security practices for evaluating and vetting third-party packages and libraries
Collaborate with DevOps and engineering teams to integrate security into CI/CD pipelines
Perform vulnerability analysis on 3rd party CVE’s with in the FINRA context and work with engineering teams to fix the vulnerability
Qualification
Required
Bachelor's or master's degree in computer science, Cybersecurity, Information Systems, or a related technical field
Equivalent experience may be considered in lieu of formal education for exceptional candidates
5+ years of experience in SOC operations and incident response
Desired Certifications such as CISSP, CASE, OSCP, CSSLP, or GIAC
Proficiency with platforms like Splunk, Sentinel, QRadar, CrowdStrike
Deep understanding of SSCS attack vectors (dependency confusion, compromised packages, malicious commits, backdoors)
Strong knowledge of package managers (npm, PyPI, Maven, NuGet, etc.) and their security implications
Hands-on experience with artifact repository management tools
Experience with SAST, DAST, and SCA tools (e.g., Veracode, Burp Suite, SonarQube)
Deep understanding of OWASP Top 10, SANS 25, and remediation techniques
Familiarity with AWS, Azure, or GCP security configurations and container security
Proficiency with software composition analysis (SCA) tools and vulnerability reachability concepts
Familiarity with cloud platforms (AWS, Azure, GCP) and container security
Experience integrating security into CI/CD pipelines
Familiarity with DevSecOps principles
Strong analytical thinking and attention to detail
Excellent communication skills for cross-functional collaboration
Ability to mentor junior analysts and lead incident response efforts
Company
Tential Solutions
We put people first. We’re your trusted partner - empowering you with top talent and solutions to stay competitive in today’s dynamic market.
501-1000 employees
H1B Sponsorship
Tential Solutions has a track record of offering H1B sponsorships. Please note that this does not
guarantee sponsorship for this specific role. Below presents additional info for your
reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2024 (2)
2023 (1)
2022 (3)
2020 (11)
Funding
Current Stage
Late StageLeadership Team
Shane Ireland
Chief Executive Officer
Quinn Salamandra
Co-Founder
Recent News
Australian Financial Review
2024-05-02
2024-04-12
Company data provided by crunchbase