Security Engineer III

RxBenefits, Inc. is a company focused on providing security for networks, servers, and cloud platforms. The Security Engineer III will be responsible for implementing security solutions, coordinating threat analysis, and ensuring compliance with various standards.

Responsibilities:

• Responsible for the administration of the following corporate application systems:
• Security automation: Design and implement automated workflows for detection, alert triage, and response using scripting (Python, PowerShell) and APIs. Integrate alerting, ticketing, and security tools to reduce MTTR and operational overhead
• SIEM platform: Rule tuning, log onboarding, parsing, correlation, alert tuning, and rule lifecycle management
• AWS security controls: IAM policy management, Guard Duty, Config, CloudTrail, Security Hub, and automation of remediation actions
• Identity and access management: Active Directory, MFA, conditional access, and related authentication controls
• Privileged Access Management (PAM): Administration of Britive for just-in-time access across cloud and containerized infrastructure
• Endpoint security: Anti-virus, EDR, configuration standards, asset visibility and management
• Email security: Filtering, encryption, phishing remediation, and DLP policy management
• Monitor daily operations of application systems, cloud platforms, and internal systems for vulnerabilities, misconfigurations, and compliance deviations
• Analyze security data across systems and tools to identify threats, vulnerabilities, and misconfigurations; provide actionable insights and recommendations
• Investigate security incidents, lead incident response activities, and document findings, ensuring proper root cause analysis and resolution
• Collaborate with cross-functional teams to support the implementation of secure infrastructure, cloud resources, and application rollouts
• Ensure SIEM and automation-related tasks (rule maintenance, log health checks, false-positive reduction) are performed regularly and documented
• Maintain operational documentation, diagrams, and processes related to security tools and architecture
• Participate in tabletop exercises and post-incident reviews to improve incident readiness and resiliency

Requirements:

• Bachelor's degree in a technical field or equivalent work experience required
• 5+ Years of experience in security administration, security operations, or SOC environments
• 5+ Years of experience in SIEM engineering, detection rule writing, and log pipeline management
• 3+ Years of experience with security automation scripting (Python, PowerShell, etc.) and integration via RESTful APIs
• 5 + Years of hands-on experience with AWS, including deep knowledge of AWS security services and IAM configurations
• 5+ Hands-on experience with security technologies such as endpoint detection and response (EDR), secure web gateways, email security platforms, vulnerability management solutions, and privileged access management (PAM) systems
• Strong technical writing and documentation skills for processes, reports, and procedures
• Experience participating in incident response exercises and recovery planning
• Ability to work independently while managing multiple priorities and meeting deadlines
• Excellent verbal and written communication skills with technical and non-technical audiences
• Proven ability to deliver high-quality results in a dynamic and fast-paced environment
• Relevant cybersecurity or cloud security certification(s) preferred, such as AWS Security Specialty; CISSP is a plus
• Experience in healthcare or other highly regulated environments is preferred