Information Security Engineer

Current job opportunities are posted here as they become available.

At TaxSlayer, we're more than just a tax software development company; we're empowering individuals and small businesses to plan for and file their tax returns online with confidence and ease. As a leading innovator in tax prep software, TaxSlayer, LLC, has been revolutionizing the way people file their taxes since 1965.

The security engineer is responsible for implementing, maintaining, monitoring, and managing secure solutions. The engineer delivers these solutions in accordance with the organization's architectural designs, best practices, and regulatory or compliance requirements. As risks change, the security engineer is responsible for recommending modifications and enhancements to ensure the organization is evolving with the threat landscape.

What will you do:

• Handle day–to–day implementation, monitoring, and operational support of hardware, software, customer applications, managed solutions, and service provider relationships.
• Actively participate and lead security team meetings that facilitate secure design.
• Engage in information security projects that evaluate existing security infrastructure and propose changes as defined by security leadership and architects. Additionally, deliver projects on time, within budget, and in accordance with service level agreements (SLAs).
• Assist with incident response and system stability issues as they occur. This may include involvement outside of regular work hours, and responsiveness is expected.
• Implement solutions observing compliance – Health Information Portability and Accountability Act (HIPAA), Gramm–Leach–Bliley Act (GLBA), Payment Card Industry (PCI), Sarbanes–Oxley Act (SOX), etc. – and privacy laws.
• Work in tandem with architects, the security operations center (SOC), incident responders, and technology infrastructure and development team members.
• Respond to and handle service and escalation tickets within SLA expectations.
• Develop security test plans from architectural design. Identify deficiencies and make enhancements to ensure production is not impacted.
• Participate regularly in change project and change management meetings.
• Research, validate and deploy solutions meeting security and business needs.
• Follow security engineering fundamentals and processes as outlined in NIST 800–160.
• Influence the planning and execution of incident response and postmortem exercises.
• Focus on driving security efficiencies, enabling security team members to work on more advanced tasks.
• Conduct performance testing to stress the limitations of security solutions.
• Perform other duties as assigned.

What we need:

• Preferably at least 5+ years' experience in cybersecurity, including compliance and risk management with a system and network security engineering background.
• Highly technical and analytical expertise, with a proven background in technology design, implementation, and delivery.
• Experience in cloud computing technologies, including software, infrastructure, and platform–as–a–service.
• Extensive knowledge of traditional security controls and technologies.
• Skilled in meeting vulnerability and penetration testing requirements.
• Excellent ability to clearly communicate business risk from cybersecurity issues.
• Experience managing SIEM systems and other network and system monitoring tools.
• Experience with Amazon Web Services (AWS) or Microsoft Azure.
• DevOps background with experience in compliance obligations.
• Experience with one or more of the following: ISO 27001, NIST, PCI Data Security Standard (PCI DSS), HIPAA, SOX, GDPR, CIS standards, or SOC 2.
• Working knowledge of Windows, Linux, and Unix.
• Familiarity with state privacy laws.
• Track record of acting with integrity and communicating effectively.
• Ability to think strategically and tactically, with effective decision–making skills.
• Highly trustworthy; leads by example.

Preferred Certifications:

• CISSP
• CISM and/or SANS certification
• Security Vendor Certifications

What we offer:

At TaxSlayer, we realize the most important aspects in leading our industry are the bright minds behind everything we do. We are proud to offer our employees a highly competitive, comprehensive, and flexible benefits program.

• Flexible remote and/or hybrid work options when possible.
• Exempt Salaried employees receive a generous PTO bank, in addition to Paid Holidays.
• Insurance: Medical, Dental, and Vision insurance offerings.
• 401K with 150% match on up to 3% contribution.
• Performance–based bonus and salary review process.
• Other offerings: Wellness Program, Life Insurance, Long–term and Short–term disability, Critical Illness Insurance, Education Assistance, company–paid parking, on–site fitness facility, and unlimited free coffee.

Please note: As a federal contractor, we are responsible to ensure our employees meet any obligations set forth by the U.S. government.

Equal Opportunity Employer

TaxSlayer is an equal opportunity employer and will not discriminate against any employee or applicant on the basis of age, color, disability, gender, national origin, race, religion, sexual orientation, veteran status, or any classification protected by federal, state, or local law.