Logo for TASC (Total Administrative Services Corporation)

Senior Security Operations Engineer

Role overview

About the company

TASC (Total Administrative Services Corporation) logo

TASC (Total Administrative Services Corporation)

Financial Services

TASC (Total Administrative Services Corporation) is an award-winning nationwide administrator of tax-advantaged health benefits plans offering comprehensive services for Clients, Participants, and Providers and serving companies ranging in size from one employee to thousands! New product development, innovative tools, and outstanding, transparent service keep TASC’s service offerings at the forefront of third-party benefits administration. TASC prides itself on helping business owners and their employees improve their bottom line, bringing them peace of mind, and providing them with fast and accessible service. AgriPlan and BizPlan (Section 105 HRA) are products that fall under TASC’s Microbusiness umbrella. AgriPlan and BizPlan save small business owners an average of $5,000 a year on their out-of-pocket medical expenses. Our Group Division provides employee benefits administration to companies of all sizes. The offerings include Benefits Account Management (FlexSystem FSA, Funded HRA, GiveBack, HRA, HSA, PayPath, Premium Only Plan, Transit & Parking), Continuation (COBRA, FMLA, Retiree Billing), and Compliance (ACA Employer Reporting, ERISA, Form 5500 Preparation, HIPAA Compliance, Medicare Part D, Non-Discrimination Testing, PCORI) services, making life easier for employers and their human resource managers.

Company details

Company typeSME
IndustryFinancial Services
Company size501 - 1000

Your match analysis

See how your profile stacks up against this role.

We compared the job requirements to your profile to show where you're strong and where you fall short.

Job description


 

About the Company:


Xformative Payment Systems is seeking a hands-on Senior Security Operations Engineer to help secure and scale our platform. XPS is at the cutting edge of the Fintech industry, specializing in cloud-native payment processing solutions. XPS is a late stage start up that was conceptualized, established, and owned by Total Administrative Systems Corp (TASC) a benefit TPA to offer card based and payment product capabilities associated with healthcare and benefits. The business has new leadership and is entering its growth phase and will be expanding beyond its current markets.


At XPS, every member of our small, agile team can drive and create impactful work. Our flexible and fully remote work setup allows you to balance your professional and personal life seamlessly while contributing to our exciting growth journey.


Position Summary:


The Senior Security Operations Engineer will own day-to-day security operations across our cloud infrastructure and application workloads while partnering closely with our CTO and Information Security & Risk Officer. We’re looking for someone who not only identifies risks, but actively helps solve them through automation, collaboration, and implementation.


Position Responsibilities: 


  1. Detect, Protect, and Respond (Hands-On Security Operations)
    1. Own day-to-day security operations for AWS-based cloud and serverless workloads including threat detection, alert triage, incident response, forensics, and post-incident learning.
    2. Build and tune detections and automations (SIEM rules, SOAR/runbooks, detection-as-code) to reduce MTTA/MTTR and eliminate noisy alerts.
  1. Secure our delivery pipelines & runtime
    1. Harden CI/CD and software supply chain, and drive “secure by default” patterns in our SDLC.
    2. Lead cloud/serverless hardening (IaC reviews, policy-as-code, least privilege IAM design, network segmentation).
  1. Raise the bar across the organization (beyond prod)
    1. Partner with DevOps and Engineering teams to evolve identity & access, endpoint/EDR posture.
    2. Coordinate vulnerability management end-to-end: scanning, prioritization, remediation, and reporting.
    3. Contribute to security governance (policies, standards, tabletop exercises, BCP/DR inputs) and support compliance efforts (e.g., SOC 2/PCI DSS).
  1. Influence, automate, and measure
    1. Build security tooling and integrations for engineers, acknowledging that ease of use and low friction will encourage adoption and adherence.
    2. Define metrics/KPIs and regularly communicate risk & progress to engineering and leadership.
    3. Mentor engineers on secure design and champion a positive, enablement-first security culture.
    4. Participate in architecture and threat modeling discussions to identify security risks early in the design process.


Positional Competencies:

  1. Strong programming skills (Node, Typescript).
  2. Expertise in system administration, networking, and operating systems (Linux/Unix).
  3. Proficient in automation tools (Github Actions, Cloudformation, Terraform, Serverless, AWS SDK).
  4. Knowledge of AWS monitoring and logging tools such as Cloudwatch, CloudTrail, SecurityHub, GuardDuty. etc.
  5. Exceptional attention to detail with a preference for highly structured procedures.
  6. Solid grasp of CI/CD security, supply-chain risks, and IaC (Terraform) security reviews.
  7. Strong incident response skills across detection, investigation, containment, and recovery especially in complex cloud-native environments.

 

Qualifications: 

  1. Bachelor’s degree in computer science, engineering, or a related field, or equivalent experience in a similar role within the technology sector.
  2. Applicants must be authorized to work in the U.S. 
  3. 5 or more years of large-scale distributed system development.
  4. Minimum of 3 years’ fintech experience, or equivalent experience with regulated environments with compliance requirements (e.g., SOC2, PCI DSS)
  5. Minimum of 5 years working in Security Operations/Cloud Security/Blue Team roles, with deep, hands-on experience in AWS (IAM/GuardDuty/CloudTrail/CloudWatch).
  6. Practical expertise with SIEM/log analytics, EDR, and secrets management (e.g., Vault).
  7. Experience with cloud platforms (AWS preferred, GCP, Azure) and containerization technologies (Docker, ECS).
  8. Experience with CI/CD pipelines and tools (Github Actions)
  9. Willingness to participate in a shared on-call rotation for security incidents

 

CORPORATE CORE COMPETENCIES:

 

  1. Drive Action & Results
    1. Take on new opportunities with enthusiasm
    2. Achieve results even in tough circumstances
    3. Take personal accountability for decisions and actions

 

  1. Adapt to Change
    1. Operate effectively when things are uncertain
    2. Proactively acquire and evaluate information and adapt approach to match shifting demands/situations
    3. Rebound from setbacks 


  1. Embrace Innovation
    1. Create new and better ways to approach challenges and develop solutions 
    2. Learn through experimentation
    3. Encourage feedback and seek opportunities to work better/smarter/faster
    4. Show personal commitment and take action to continuously improve

 

  1. Create Diversity & Foster Collaboration
    1. Actively bring, seek, engage, and honor diverse perspectives
    2. Identify and address barriers to inclusion to ensure equity and center belonging
    3. Work collaboratively and build partnerships to meet shared objectives

 

 

PHYSICAL REQUIREMENTS:

 

The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job.


While this is primarily a sedentary role, the employee is regularly required to talk and hear. The employee is also required to sit, stand; walk; use hands to finger, handle or feel; and reach with hands and arms. Specific vision abilities required by this job include close vision, depth perception and the ability to adjust focus.


Apply once. Then go straight to the hiring manager.

After you apply, unlock the direct contact details of the people who actually make the call. A quick follow-up makes you 5x more likely to land an interview.

MR

Marcus Rivera

Chief Revenue Officer

m.rivera@company.com
linkedin.com/in/marcusrivera
Unlocked after you apply
·

Security Engineer Related jobs

Other jobs at TASC (Total Administrative Services Corporation)

Premium

Reach out to the hiring manager directly.

Gain access to the contact details of the hiring managers who actually decide, and reach out to network with them directly. That, plus more when you upgrade:

  • Full match report with fit score and gaps
  • Career diagnostics on how recruiters read you
  • Curated company matches and warm intros
  • 48h early access to new roles

Cancel anytime.