[Remote] Xformative - Senior Security Operations Engineer
Note: The job is a remote job and is open to candidates in USA. TASC (Total Administrative Services Corporation) is seeking a hands-on Senior Security Operations Engineer to help secure and scale their platform at Xformative Payment Systems, a company specializing in cloud-native payment processing solutions. The role involves owning day-to-day security operations across cloud infrastructure and application workloads, with a focus on risk identification and automation.ResponsibilitiesDetect, Protect, and Respond (Hands-On Security Operations)Own day-to-day security operations for AWS-based cloud and serverless workloads including threat detection, alert triage, incident response, forensics, and post-incident learningBuild and tune detections and automations (SIEM rules, SOAR/runbooks, detection-as-code) to reduce MTTA/MTTR and eliminate noisy alertsSecure our delivery pipelines & runtimeHarden CI/CD and software supply chain, and drive “secure by default” patterns in our SDLCLead cloud/serverless hardening (IaC reviews, policy-as-code, least privilege IAM design, network segmentation)Raise the bar across the organization (beyond prod)Partner with DevOps and Engineering teams to evolve identity & access, endpoint/EDR postureCoordinate vulnerability management end-to-end: scanning, prioritization, remediation, and reportingContribute to security governance (policies, standards, tabletop exercises, BCP/DR inputs) and support compliance efforts (e.g., SOC 2/PCI DSS)Influence, automate, and measureBuild security tooling and integrations for engineers, acknowledging that ease of use and low friction will encourage adoption and adherenceDefine metrics/KPIs and regularly communicate risk & progress to engineering and leadershipMentor engineers on secure design and champion a positive, enablement-first security cultureParticipate in architecture and threat modeling discussions to identify security risks early in the design processSkillsBachelor's degree in computer science, engineering, or a related field, or equivalent experience in a similar role within the technology sectorApplicants must be authorized to work in the U.S5 or more years of large-scale distributed system developmentMinimum of 3 years' fintech experience, or equivalent experience with regulated environments with compliance requirements (e.g., SOC2, PCI DSS)Minimum of 5 years working in Security Operations/Cloud Security/Blue Team roles, with deep, hands-on experience in AWS (IAM/GuardDuty/CloudTrail/CloudWatch)Practical expertise with SIEM/log analytics, EDR, and secrets management (e.g., Vault)Experience with cloud platforms (AWS preferred, GCP, Azure) and containerization technologies (Docker, ECS)Experience with CI/CD pipelines and tools (Github Actions)Willingness to participate in a shared on-call rotation for security incidentsStrong programming skills (Node, Typescript)Expertise in system administration, networking, and operating systems (Linux/Unix)Proficient in automation tools (Github Actions, Cloudformation, Terraform, Serverless, AWS SDK)Knowledge of AWS monitoring and logging tools such as Cloudwatch, CloudTrail, SecurityHub, GuardDuty. etcExceptional attention to detail with a preference for highly structured proceduresSolid grasp of CI/CD security, supply-chain risks, and IaC (Terraform) security reviewsStrong incident response skills across detection, investigation, containment, and recovery especially in complex cloud-native environmentsBenefitsOur flexible and fully remote work setup allows you to balance your professional and personal life seamlesslyCompany OverviewTASC (Total Administrative Services Corporation) is an award-winning nationwide administrator of tax-advantaged health benefits plans offering comprehensive services for Clients, Participants, and Providers and serving companies ranging in size from one employee to thousands! New product development, innovative tools, and outstanding, transparent service keep TASC’s service offerings at the forefront of third-party benefits administration. It was founded in 1975, and is headquartered in Madison, Wisconsin, USA, with a workforce of 501-1000 employees. Its website is https://www.tasconline.com.