Security Engineer

About TASC:

As the nation's largest, privately held third party benefits administrator of employee benefits, TASC has a Mission to improve the health, wealth and well-being of its customers, employees, and communities. We are a team of dedicated professionals. With more than 800 people working remotely for us, TASC is able to serve businesses of all sizes across every state in the US.

Position Summary:

TASC has a long history of bringing game-changing solutions to the benefits field, and as a vital team member within the Enterprise Shared Services ERM team, you will be responsible supporting the execution of our information security, purpose, plan and implementation and maintenance of security defenses that provide the best protection and value for the organization.

Qualified candidates will have:

• Bachelor's Degree or equivalent post high school education and/or work related experience in Computer Science, Information Systems, or other Information Technology related field.
• Minimum of 2 years' experience in Information Systems
• Splunk and NIST are preferred
• CISSP certification is a plus

Position Duties/Responsibilities:

• Develop and carryout systems' security defenses and capabilities across networks, databases, and internet/web operations.
• Evaluate system changes across the organization to assess and document the security risk and impact.
• Develop, implement, and effectively execute the security and monitoring operations.
• Investigate security incidents and potential compromises to company systems and take actions to protect company systems. Utilize forensic best practices to investigate and maintain evidence integrity.
• Conducts testing and configuration procedures across products and systems and provide advice on mitigating controls.
• Consult on projects to provide guidance on security architecture and security posture to ensure the integrity of new and/or existing business operations.
• Continually evaluate company systems exposure to existing threats; including but not limited to reviewing security capabilities and provide advice on mitigating controls.
• Consult and provide suggestions to management on security related matters.
• Support the review and documentation of policies, standards and procedures to maintain compliance.
• Evaluate compliance and contractual requirements relative to systems capabilities.
• Stay informed and tuned to security industry trends, potential threats and vulnerabilities.
• Research, evaluate, and make recommendations regarding security trends and innovations.
• Operates within all guidelines pursuant to the Employee Handbook and all Policies and Procedures.
• Performs additional duties as requested by Supervisor and/or Management.

Positional competencies:

• Skilled working with the following:
  • Web filtering technology
  • Network intrusion defense systems
  • End point monitoring
  • Data leak protection
  • Intrusion prevention systems
  • Penetration testing
  • Firewalls
  • Vulnerability scanning tools
  • Security information and event management
  • Network tabs, traffic aggregators and filters
  • Forensic investigations and relevant tools
  • Identity management tools, AD, LDAP, web front end and virtualization
  • Application code vulnerability scanning (dynamic & static) and application security
  • Cloud architecture, configuration and deployment
• Ability to draft security policies, standards, procedures and other forms of documentation
• Success in building controls and process to align with best practices
• Strong ability to synthesize information from multiple sources
• Excellent communication and listening skills with ability to interact effectively with all levels of management
• Ability to work independently while maintaining deliverables. This includes the ability to develop relationships through building trust and credibility.

Corporate Core Competencies:

• Drive Action & Results
  • Take on new opportunities with enthusiasm
  • Achieve results even in tough circumstances
  • Take personal accountability for decisions and actions
• Adapt to Change
  • Operate effectively when things are uncertain
  • Proactively acquire and evaluate information and adapt approach to match shifting demands/situations
  • Rebound from setbacks
• Embrace Innovation
  • Create new and better ways to approach challenges and develop solutions
  • Learn through experimentation
  • Encourage feedback and seek opportunities to work better/smarter/faster
  • Show personal commitment and take action to continuously improve
• Create Diversity & Foster Collaboration
  • Actively bring, seek, engage, and honor diverse perspectives
  • Identify and address barriers to inclusion to ensure equity and center belonging
  • Work collaboratively and build partnerships to meet shared objectives

PHYSICAL REQUIREMENTS:

The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job.

While this is primarily a sedentary role, the employee is regularly required to talk and hear. The employee is also required to sit, stand; walk; use hands to finger, handle or feel; and reach with hands and arms. Specific vision abilities required by this job include close vision, depth perception and the ability to adjust focus.