Amazon Web Services (AWS), Analysis Skills, Applications Security, Automation, CISSP - Certified Information Systems Security Professional, Cloud Computing, Communication Skills, Computer Hacking, Computer Science, Computer Security, Consulting, Continuous Deployment/Delivery, Continuous Improvement, Continuous Integration, DevOps, Ecosystems, Enterprise Protection, Establish Priorities, GCP (Good Clinical Practices), GIAC - Global Information Assurance Certification, Hunting, Incident Response, Information Technology & Information Systems, Internet Security, Leadership, Maven, Mentoring, Microsoft Product Family, Microsoft Windows Azure, Open Source, Operations Processes, Process Improvement, Security Analysis, Security Attacks, Security Information and Event Management (SIEM), Security Infrastructure, Security Software, Splunk, Supply Chain, Team Player, Threat Modeling, Use Cases
St. Petersburg, FL(remote)
Title: Senior SOC Security Engineer (Application Security) Overnight Shift
Location : Remote
Target Start Date : ASAP
Type: contract
Pay Rate: DOE
Shift: 11:00 PM 8:00 AM
This position is ideal for a senior security professional who enjoys balancing real-time incident response with proactive application security initiatives. Success in this role requires strong technical depth, excellent communication skills, a collaborative mindset, and the ability to lead during high-impact security events.
We are seeking a Senior SOC Security Engineer with a strong background in Application Security to join a 24x7 Security Operations Center. This role combines hands-on security operations, incident response, threat hunting, and software supply chain security with application security best practices to help protect enterprise applications and infrastructure.
The ideal candidate has experience responding to security incidents while partnering closely with engineering teams to improve application security, integrate security into the SDLC, and strengthen overall security posture.
Responsibilities
- Monitor, investigate, and respond to security incidents across enterprise environments.
- Lead incident response efforts for application, identity, and software supply chain security events.
- Perform proactive threat hunting and develop new detection use cases for emerging threats.
- Assess and remediate vulnerabilities, including exploitability and reachability analysis for third-party software and open-source dependencies.
- Investigate software supply chain risks, compromised packages, malicious libraries, and dependency-related attacks.
- Partner with engineering and DevOps teams to integrate security into CI/CD pipelines and development workflows.
- Implement and improve security controls for third-party software, package repositories, and application dependencies.
- Analyze CVEs and work with development teams to prioritize and remediate vulnerabilities.
- Mentor junior security analysts and contribute to the continuous improvement of SOC processes and security operations.
Required Qualifications
- Bachelor's degree in Computer Science, Cybersecurity, Information Systems, or a related technical discipline (or equivalent experience).
- 7+ years of experience in Security Operations, Incident Response, or Application Security.
- Experience working in a 24x7 SOC environment with off-hours support responsibilities.
- Industry certifications such as CISSP, OSCP, CSSLP, GIAC, or similar are highly preferred.
Technical Skills
- SIEM and EDR platforms such as Splunk, Microsoft Sentinel, QRadar, or CrowdStrike.
- Strong knowledge of application security, secure coding principles, and OWASP Top 10.
- Experience with SAST, DAST, and Software Composition Analysis (SCA) tools.
- Knowledge of software supply chain security, dependency management, and package ecosystems (npm, Maven, PyPI, NuGet, etc.).
- Experience with artifact repositories and vulnerability management.
- Familiarity with DevSecOps practices and integrating security into CI/CD pipelines.
- Cloud security experience within AWS, Azure, or GCP, including container security.
- Strong understanding of threat detection, vulnerability management, and incident response methodologies.
Preferred Skills
- Experience investigating software supply chain attacks and dependency compromise.
- Familiarity with vulnerability reachability analysis and exploit prioritization.
- Experience developing security detections, threat models, and automation.
- Ability to mentor teammates and collaborate effectively across Security, Infrastructure, and Engineering organizations.
Welcome to ConsultNet, a premier national provider of technology talent and solutions. Our expertise spans across project services, contract-to-hire, direct search, and managed services onshore, nearshore, and hybrid. For over 25 years, we have connected thousands of consultants with meaningful roles through a personal, communication-driven approach, partnering with a diverse client base to build high-performing teams and create lasting impact. Our comprehensive service offerings cover a wide range of technology and engineering positions across key markets nationwide. Learn more at www.consultnet.com .
We champion equality and inclusivity, proudly supporting an Equal Opportunity Employer policy. We welcome applicants regardless of Race, Color, Religion, Sex, Sexual Orientation, Gender Identity, National Origin, Age, Genetic Information, Disability, Protected Veteran Status, or any other status protected by law.