Senior Security Engineer

About TASC:

As the nation's largest, privately held third party benefits administrator of employee benefits, TASC has a Mission to improve the health, wealth and well-being of its customers, employees, and communities. We are a team of dedicated professionals. With more than 800 people working remotely for us, TASC is able to serve businesses of all sizes across every state in the US.

POSITION PURPOSE:

TASC is searching for a new Sr. Security Engineer to join our Enterprise Risk Management & Security team. This role provides technical leadership and subject matter expertise in information security, ensuring the confidentiality, integrity, and availability of organizational systems and data. The Senior Security Operations Engineer is responsible for designing, implementing, and maintaining security controls, monitoring threats, responding to incidents, and continuously enhancing the organization's security posture. This position plays a key role in delivering effective, scalable security solutions that balance risk management with business objectives.

POSITION DUTIES/RESPONSIBILITIES:

• Take a leading role in securing the systems and data from potential threats or compromise
• Design, implement, and execute systems' security defenses and capabilities across networks, databases, and internet/web operations
• Develop, implement, and effectively execute the security and monitoring operations
• Investigate security incidents and potential compromises to TCB systems and take actions to protect TCB systems. Utilize forensic best practices to investigate and maintain evidence integrity
• Oversee and enforce identity and access management controls, including privileged access governance, role-based access reviews, and integration of identity systems with enterprise authentication and authorization frameworks
• Consuming and operationalizing threat intel feeds (threat intelligence integration) to create/improve detection rules and make better risk decisions
• Consult on projects, design reviews, threat modeling sessions, and change board process to provide guidance on security architecture, posture, and/or impact as well as to ensure the integrity of new and/or existing business operations
• Continually evaluate TCB systems exposure to existing threats; including but not limited to reviewing security capabilities and provide advice on mitigating controls
• Consultandprovidesuggestionstomanagementonsecurityrelatedmatters
• Produce security metrics, KPIs, and reporting upwards to management or the board
• Stay informed and tuned to security industry trends, potential threats and vulnerabilities
• Research, evaluate, and make recommendations regarding security trends and innovations
• Evaluate system changes across the organization to assess and document the security risk and impact
• Evaluate third-party tools, vendors, or integrations for security risks
• Review and document policies, standards and procedures to maintain compliance
• Evaluate compliance and contractual requirements relative to systems capabilities
• Provide leadership, expertise and solutions on complex initiatives related to security
• Mentor others and may represent management at times
• Takes a leadership role on highly complex projects and provides guidance to less experienced staff
• Operates within TCB's guidelines pursuant to the Employee Handbook and all Policies and Procedures
• Perform additional duties as requested by Supervisor and/or Management

POSITION SUPERVISES: None

POSITIONAL COMPETENCIES (3-5):

• Technical Tools & Platforms
• Web filtering technology

• Network intrusion defense systems

• Endpoint monitoring

• Intrusion prevention systems

• Firewalls

• Vulnerability scanning tools

• Security information and event management (SIEM)

• Network taps, traffic aggregators and filters

• Identity management tools (AD, LDAP, web front end and virtualization)

• Application code vulnerability scanning (dynamic & static)

• Cloud architecture, configuration and deployment

• SOAR (Security Orchestration, Automation, and Response) tools

• Security Disciplines & Practices
• Data loss prevention (DLP)

• Penetration testing

• Forensic investigations and relevant tools

• Application security (threat modeling, SDLC integration, code review)

• Incident response - detection, investigation, containment, and recovery, especially in complex cloud-native environments

• Zero Trust architecture principles

• Scripting/automation proficiency

• Threat modeling methodologies

• Drafting security policies, standards, procedures, and documentation

• Draftingusersecuritytrainingandawarenesspoliciesandtrainingdocuments.

• Building controls and processes aligned with industry best practices

• Strong incident response skills across detection, investigation, containment, and recovery especially in complex cloud-native environments.
• Ability to draft security policies, standards, procedures and other forms of documentation.
• Success in building controls and processes to align with best practices.
• Strong ability to synthesize information from multiple sources.
• Excellent communication and listening skills with ability to interact effectively with all levels of management.
• Ability to work independently while maintaining deliverables. This includes the ability to develop relationships through building trust and credibility.
• Exercise independent technical judgment on security matters, including real-time incident response decisions, risk acceptance determinations, and security architecture recommendations, escalating to management where business impact or policy thresholds require.
• Ability to participate in a shared on-call rotation for security incidents

QUALIFICATIONS (EDUCATION/CERTIFICATIONS/EXPERIENCE):

• Bachelor's Degree or equivalent work-related experience in Computer Science, Information Systems, or other Information Technology related field.
• Minimum of 8 years' of combined Information Technology and Information Security experience, with at least 5 years in a dedicated security role.
• Minimum of 5 years' experience with regulated environments with compliance requirements (e.g.,NIST,SOC2, PCI DSS, ISO, CIS, HIPAA).
• Minimum of 5 years' experience leading implementation, optimization, and integration of security technologies across enterprise environments(i.e.Splunk, Tenable IO & SC, ProofPoint).
• Minimum of 5 years' experience with cloud platforms (AWS preferred).
• CISSP certification is required. Additional certifications are a plus(i.e.CCSP, AWS-specific certifications).
• Knowledge of AWS monitoring and logging tools such as Cloud watch, Cloud Trail, Security Hub, Guard Duty. etc.is a plus.

CORPORATE CORE COMPETENCIES:

• Drive Action & Results
  • Take on new opportunities with enthusiasm
  • Achieve results even in tough circumstances
  • Take personal accountability for decisions and actions
• Adapt to Change
  • Operate effectively when things are uncertain
  • Proactively acquire and evaluate information and adapt approach to match shifting demands/situations
  • Rebound from setbacks
• Embrace Innovation
  • Create new and better ways to approach challenges and develop solutions
  • Learn through experimentation
  • Encourage feedback and seek opportunities to work better/smarter/faster
  • Show personal commitment and take action to continuously improve
• Create Diversity & Foster Collaboration
  • Actively bring, seek, engage, and honor diverse perspectives
  • Identify and address barriers to inclusion to ensure equity and center belonging
  • Work collaboratively and build partnerships to meet shared objectives

PHYSICAL REQUIREMENTS:

The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job.

While this is primarily a sedentary role, the employee is regularly required to talk and hear. The employee is also required to sit, stand; walk; use hands to finger, handle or feel; and reach with hands and arms. Specific vision abilities required by this job include close vision, depth perception and the ability to adjust focus.

TASC is an Affirmative Action and Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to age, race, color, religion, sex, gender identity, gender expression, pregnancy, national origin, citizenship status, disability, genetic characteristics, sexual orientation, marital status, domestic partner status, military status, protected veteran status, disability status or any other characteristic protected by law. Federal law requires all employers to verify the identity and employment eligibility of all persons hired to work in the United States. TASC participates in E-Verify.