TASC - Senior Security Engineer
About TASC
The nation's largest, privately held third party benefits administrator of employee benefits, TASC aims to improve the health, wealth, and well-being of its customers, employees, and communities. A team of dedicated professionals, TASC serves businesses of all sizes across every state in the US.
Position Purpose
TASC is seeking a new Senior Security Engineer to join their Enterprise Risk Management & Security team. This role involves providing technical leadership and subject matter expertise in information security, ensuring the confidentiality, integrity, and availability of organizational systems and data.
Position Duties/Responsibilities
Take a leading role in securing systems and data from potential threats or compromise
Design, implement, and execute systems’ security defenses and capabilities across networks, databases, and internet/web operations
Develop, implement, and effectively execute the security and monitoring operations
Investigate security incidents and potential compromises to TCB systems and take actions to protect TCB systems
Utilize forensic best practices to investigate and maintain evidence integrity
Oversee and enforce identity and access management controls, including privileged access governance, role-based access reviews, and integration of identity systems with enterprise authentication and authorization frameworks
Consume and operationalize threat intel feeds to create/improve detection rules and make better risk decisions
Consult on projects, design reviews, threat modeling sessions, and change board process to provide guidance on security architecture, posture, and/or impact as well as to ensure the integrity of new and/or existing business operations
Continually evaluate TCB systems exposure to existing threats; including but not limited to reviewing security capabilities and provide advice on mitigating controls
Consult and provide suggestions to management on security-related matters
Produce security metrics, KPIs, and reporting upwards to management or the board
Stay informed and tuned to security industry trends, potential threats and vulnerabilities
Research, evaluate, and make recommendations regarding security trends and innovations
Evaluate system changes across the organization to assess and document the security risk and impact
Evaluate third-party tools, vendors, or integrations for security risks
Evaluate compliance and contractual requirements relative to systems capabilities
Provide leadership, expertise, and solutions on complex initiatives related to security
Mentor others and may represent management at times
Takes a leadership role on highly complex projects and provides guidance to less experienced staff
Operates within TCB’s guidelines pursuant to the Employee Handbook and all Policies and Procedures
Performs additional duties as requested by Supervisor and/or Management
Position Supervises: None
Positional Competencies
Technical Tools & Platforms: Web filtering technology, network intrusion defense systems, endpoint monitoring, intrusion prevention systems, firewalls, vulnerability scanning tools, security information and event management (SIEM), network taps, traffic aggregators and filters, identity management tools (AD, LDAP, web front end and virtualization), application code vulnerability scanning (dynamic & static), cloud architecture, configuration and deployment, SOAR (Security Orchestration, Automation, and Response) tools, security disciplines & practices (data loss prevention (DLP), penetration testing, application security (threat modeling, SDLC integration, code review), incident response — detection, investigation, containment, and recovery, especially in complex cloud-native environments, zero trust architecture principles, scripting/automation proficiency, threat modeling methodologies)
Security Disciplines & Practices: Drafting security policies, standards, procedures, and documentation, drafting user security training and awareness policies and training documents, building controls and processes aligned with industry best practices, strong incident response skills across detection, investigation, containment, and recovery especially in complex cloud-native environments
Corporate Core Competencies: Drive Action & Results, Take on new opportunities with enthusiasm, achieve results even in tough circumstances, take personal accountability for decisions and actions, adapt to change, operate effectively when things are uncertain, proactively acquire and evaluate information and adapt approach to match shifting demands/situations, rebound from setbacks, embrace innovation, create new and better ways to approach challenges and develop solutions, learn through experimentation, encourage feedback and seek opportunities to work better/smarter/faster, show personal commitment and take action to continuously improve, create diversity & foster collaboration, actively bring, seek, engage, and honor diverse perspectives, identify and address barriers to inclusion to ensure equity and center belonging, work collaboratively and build partnerships to meet shared objectives
Qualifications
Bachelor’s Degree or equivalent work-related experience in Computer Science, Information Systems, or other Information Technology related field
Minimum of 8 years’ of combined Information Technology and Information Security experience, with at least 5 years in a dedicated security role
Minimum of 5 years’ experience with regulated environments with compliance requirements (e.g., NIST, SOC2, PCI DSS, ISO, CIS, HIPAA)
Minimum of 5 years’ experience leading implementation, optimization, and integration of security technologies across enterprise environments (i.e. Splunk, Tenable IO & SC, ProofPoint)
Minimum of 5 years’ experience with cloud platforms (AWS preferred)
CISSP certification is required
Additional certifications are a plus (i.e. CCSP, AWS-specific certifications)
Knowledge of AWS monitoring and logging tools such as CloudWatch, CloudTrail, SecurityHub, GuardDuty is a plus