Who we are

Socket helps devs and security teams ship faster by cutting out security busywork. Thousands of orgs use Socket to safely find, audit, and manage open source code. Our customers — from Anthropic to xAI, and Figma to Vercel — love Socket (just check out their tweets to see for yourself!)

Founded by Feross Aboukhadijeh, a long-time open source maintainer with software downloaded over a billion times a month, Socket has raised $65M in funding from top angels, operators, and security leaders.

About the Role

Socket is looking for a Threat Analyst to join our growing security team. In this role, you’ll tackle cutting-edge threats in the software supply chain, leveraging our proprietary AI-based scanner and building tools to enhance malware analysis. You’ll secure open source ecosystems, strengthen threat detection across multiple programming languages, and conduct research that helps protect developers and organizations worldwide. This is a hands-on role for someone passionate about threat hunting, automation, and turning insights into actionable defenses.

What You'll Do

• Analyze over 100 unique threats daily, maintaining a standard of quality that sets the industry benchmark for supply chain security.

• Author high-impact technical blog posts on malicious packages and publish 2-3 deep-dive research pieces on threat actor profiles, novel attack vectors, and ecosystem-wide trends.

• Design and build automated scripts and tools to streamline malware analysis, enhancing our data collection, threat summarization, and hunting workflows.

• Partner with our engineering team to integrate your research into our core product, turning manual insights into scalable, real-time protection.

• Leverage deep expertise in untapped ecosystems to enhance security across NuGet, browser extensions (Chrome/VS Code), and proactively monitor GitHub/GitLab for emerging malicious campaigns.

• Represent Socket in the broader security community by uncovering and documenting the tactics of sophisticated threat actors.

What You'll Bring

Required:

• 2+ years of work experience in a related field or a Bachelor’s Degree in Computer Science, Computer Engineering, Cyber Security, etc.

• Experience generating indicators of compromise (IoCs) and conducting threat hunting using signatures.

• Excellent communication skills and the ability to assess the relevance and impact of threats.

• Experience building tools for automation, data collection, and threat hunting.

• Passion for open-source and code.

Preferred:

• Familiarity with TypeScript/JavaScript

• Experience leveraging LLMs or AI-based tools for threat detection

As we know how important clarity is when looking for a new role, we've put together a read-me about the Interview Process at Socket, should you be invited for an interview.

At Socket, we

1. Pursue Excellence: We set ourselves apart by consistently delivering work of exceptional quality and distinction.

2. Move with urgency and focus: We prioritize swift, decisive action.

3. Think rigorously: We care about being right and it often takes reasoning from first principles to get there. We value alternative perspectives and have constructive discussions.

4. Trust and amplify: We overtrust, always assume good intent, and give specific feedback to help each other improve.

5. Feel a strong sense of ownership: We wear many hats and feel a strong sense of overall ownership of the company and we're non-territorial regarding our nominal domains.

6. Are customer obsessed: We relentlessly prioritize the needs of our customers, striving to exceed their expectations and delight them at every interaction.