SOC Engineer; Application Security

Expert SOC Security Engineer with deep expertise in Application Security to join our dynamic cybersecurity team. This role requires flexibility to support our 24x7x365 Security Operations Center, including regular off‑hours coverage. This role blends real‑time threat detection and response with proactive application security strategies to protect our digital assets and infrastructure.

Shift: 11:00 PM - 8:00 AM EST (Night Shift)

Weekend Rotation: Every 5th weekend

As an expert member of the SOC, you will lead incident response efforts, mentor junior analysts, and collaborate with development teams to embed security into the software development lifecycle (SDLC). You'll be instrumental in shaping our security posture across both operational and application layers.

• Design and implement security controls for third‑party software dependencies and open‑source components
• Monitor, detect, and respond to security incidents
• Develop and execute vulnerability management strategies with emphasis on exploitability and reachability analysis
• Conduct deep‑dive investigations into Software Supply Chain Security (SSCS) threats, compromised dependencies, and malicious packages
• Perform threat hunting for emerging attack vectors
• Assess and mitigate risks associated with software dependencies across enterprise systems and applications
• Lead incident response efforts for identity‑based attacks and supply chain compromises
• Develop detection use cases and threat models specific to SSCS attack vectors
• Establish security practices for evaluating and vetting third‑party packages and libraries
• Collaborate with Dev Ops and engineering teams to integrate security into CI/CD pipelines
• Perform vulnerability analysis on 3rd‑party CVEs and work with engineering teams to fix the vulnerability

• Bachelor's or master’s degree in computer science, cybersecurity, information systems, or a related technical field
• Equivalent experience may be considered in lieu of formal education for exceptional candidates
• 5+ years of experience in SOC operations and incident response
• Desired certifications such as CISSP, CEH, OSCP, CSSLP, or GIAC

• SIEM & EDR tools: proficiency with Splunk, Sentinel, QRadar, Crowd Strike
• Deep understanding of SSCS attack vectors (dependency confusion, compromised packages, malicious commits, backdoors)
• Strong knowledge of package managers (npm, PyPI, Maven, NuGet, etc.) and their security implications
• Hands‑on experience with artifact repository management tools
• Application security tools: SAST, DAST, and SCA tools (e.g., Veracode, Burp Suite, Sonar Qube)
• Secure coding practices: deep understanding of OWASP Top 10, SANS 25, and remediation techniques
• Cloud security: familiarity with AWS, Azure, or GCP security configurations and container security
• Proficiency with SCA tools and vulnerability reachability concepts
• Experience integrating security into CI/CD pipelines
• Familiarity with Dev Sec Ops  principles

• Strong analytical thinking and attention to detail
• Excellent communication skills for cross‑functional collaboration
• Ability to mentor junior analysts and lead incident response efforts

Job Type &

Location:

Contract position based out of Chicago, IL. Fully remote.

Pay and Benefits: $75.00 – $85.00/hr benefits include medical, dental & vision; critical illness, accident & hospital; 401(k); life insurance; short/long‑term disability; HSA; transportation benefits; employee assistance program; PTO.

Final date to receive applications: February 23, 2026

TEKsystems is the leading provider of business and technology services. We accelerate business transformation for our customers. We are a team of 80,000 employees, serving 6,000 clients, including 80% of the Fortune 500.

We are an equal‑opportunity employer and consider all applications regardless of race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or other characteristics protected by law.