Santcore Technologies · 17 hours ago
3rd Shift SOC Analyst
United States
Full-time
Remote
Senior Level
$70/hr - $70/hr
5+ years expSantcore Technologies is seeking a highly skilled 3rd Shift SOC Analyst with deep expertise in Application Security to join their dynamic cybersecurity team. This role involves leading incident response efforts, mentoring junior analysts, and collaborating with development teams to enhance security practices across operational and application layers.
Information Technology & Services
Responsibilities
Conduct deep-dive investigations into Software supply chain Security (SSCS) threats, compromised dependencies, and malicious packages
Design and implement security controls for third-party software dependencies and open-source components
Monitor, detect, and respond to security incidents
Develop and execute vulnerability management strategies with emphasis on exploitability and reachability analysis
Perform threat hunting for emerging attack vectors
Assess and mitigate risks associated with software dependencies across enterprise systems and applications
Lead incident response efforts for identity-based attacks and supply chain compromises
Develop detection use cases and threat models specific to SSCS attack vectors
Establish security practices for evaluating and vetting third-party packages and libraries
Collaborate with DevOps and engineering teams to integrate security into CI/CD pipelines
Perform vulnerability analysis on 3rd party CVEs with in the Organisation context and work with engineering teams to fix the vulnerability
Qualification
Required
Bachelor's or master's degree in computer science, Cybersecurity, Information Systems, or a related technical field
Equivalent experience may be considered in lieu of formal education for exceptional candidates
5+ years of experience in SOC operations and incident response
Desired Certifications such as CISSP, CASE, OSCP, CSSLP, or GIAC
Proficiency with platforms like Splunk, Sentinel, QRadar, CrowdStrike
Deep understanding of SSCS attack vectors (dependency confusion, compromised packages, malicious commits, backdoors)
SSCS Solutions: JFrog and/or Socket.dev
Strong knowledge of package managers (npm, PyPI, Maven, NuGet, etc.) and their security implications
Hands-on experience with artifact repository management tools
Experience with SAST, DAST, and SCA tools (e.g., Veracode, Burp Suite, SonarQube)
Deep understanding of OWASP Top 10, SANS 25, and remediation techniques
Familiarity with AWS, Azure, or GCP security configurations and container security
Proficiency with software composition analysis (SCA) tools and vulnerability reachability concepts
Familiarity with cloud platforms (AWS, Azure, GCP) and container security
Experience integrating security into CI/CD pipelines
Familiarity with DevSecOps principles
Strong analytical thinking and attention to detail
Excellent communication skills for cross-functional collaboration
Ability to mentor junior analysts and lead incident response efforts
Company
Santcore Technologies
Santcore Technologies is a multidisciplinary IT consulting and solutions firm specializing in cybersecurity, GRC, cloud architecture, application security, digital transformation, and enterprise technology staffing.
11-50 employees
H1B Sponsorship
Santcore Technologies has a track record of offering H1B sponsorships. Please note that this does not
guarantee sponsorship for this specific role. Below presents additional info for your
reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2025 (4)
2024 (2)
2023 (1)
Funding
Current Stage
Early StageCompany data provided by crunchbase