TASC (Total Administrative Services Corporation)

• Deploy and maintain critical applications on cloud-native, distributed, serverless architecture. • Implement automation, observability, monitoring, and infrastructure-as-code. • Manage efficient and reliable CI/CD pipelines across multiple environments to help minimize developer friction. • Design and implement secure automation solutions for development, testing, and production environments. • Implement industry best practices for system hardening and configuration management, in conjunction with the SecOps team. • Improve system reliability through automation, monitoring, and operational best practices. • Sustain and improve the process of knowledge sharing throughout the engineering team. • Support and work alongside a cross-functional engineering team. • Have on call responsibilities in rotation with the engineering team.

• Own day-to-day security operations for AWS-based cloud and serverless workloads including threat detection, alert triage, incident response, forensics, and post-incident learning. • Build and tune detections and automations (SIEM rules, SOAR/runbooks, detection-as-code) to reduce MTTA/MTTR and eliminate noisy alerts. • Secure our delivery pipelines & runtime Harden CI/CD and software supply chain, and drive “secure by default” patterns in our SDLC. • Lead cloud/serverless hardening (IaC reviews, policy-as-code, least privilege IAM design, network segmentation). • Partner with DevOps and Engineering teams to evolve identity & access, endpoint/EDR posture. • Coordinate vulnerability management end-to-end: scanning, prioritization, remediation, and reporting. • Contribute to security governance (policies, standards, tabletop exercises, BCP/DR inputs) and support compliance efforts (e.g., SOC 2/PCI DSS). • Build security tooling and integrations for engineers, acknowledging that ease of use and low friction will encourage adoption and adherence. • Define metrics/KPIs and regularly communicate risk & progress to engineering and leadership. • Mentor engineers on secure design and champion a positive, enablement-first security culture. • Participate in architecture and threat modeling discussions to identify security risks early in the design process.