
SANS ISC: InfoSec Jobs


Senior Information Security Engineer

Company: Fanatics
Location: Remote
Preferred GIAC Certifications: GPCS, GCLD
Travel: 1%
Salary: Not provided
URL: https://jobs.lever.co/fanatics/ee86f6c8-3085-4cad-be36-4d4e937cb9e8
Contact Name: Michael Green
Contact Email: mgreen/at/fanatics.com
Expires: 2021-10-21

Job Description

About the Team

Fanatics is first and foremost a technology company. We are powered by cutting-edge tech created by our small agile teams using the latest tools and technologies under our highly analytical, forward thinking, and open-minded leadership. As the global leader in licensed sports merchandise, we challenge ourselves by improving our new fully responsive NodeJS cloud commerce platform, Elasticsearch engine, and deep data science capabilities while building the best-in-class retail manufacturing and supply chain technologies. Our tech teams work together to revolutionize data science and engineering initiatives, provide highly scalable real-time and streaming platforms, and create secure e-commerce and in-stadium fan experience products. Our own e-commerce platform transacts in over 190 countries, 17 languages, and 14 currencies. Our motto is “#GSD”—get stuff done—and we do just that. If you want to be at the nexus of sports, commerce, and technology, come be a part of our industry-leading team here at Fanatics Tech.

Fanatics is looking for a Senior Information Security Engineer to join our Information Security team. This position will be primarily responsible for the continued evolution of our enterprise security logging solution and the integration of security tools used internally by the Fanatics Information Security team. Our team members are given a great deal of autonomy in the pursuit of keeping Fanatics secure. A successful candidate will demonstrate strong communication skills and is expected to be comfortable and effective working independently and as part of a larger, highly distributed team. We're looking specifically for folks who place an emphasis on usable security. Fanatics is a fast-growing company and our security program needs to be able to keep pace with that growth while not disrupting innovation.

The Position

Build and operate a scalable and sustainable security automation infrastructure supporting the Fanatics Information Security Team.
Sustain and refine the enterprise security logging system and Fanatics SIEM to drive the proactive and intelligence-driven identification and management of cyber security incidents
Automate and integrate workflows between and within the SIEM, big data platforms, threat & vulnerability intelligence ingestion and information security incident response system
Develop, implement and automate strategies, creating and tuning tools and rules for detecting and addressing malicious activity
Strategically define and implement additional detective capabilities or data sources to improve telemetry
Regularly triage cyber security incidents post-enrichment and respond to events as part of the incident response process
Constantly innovate at the pace of the adversary using the latest techniques
Mentor fellow Fanatics personnel on best security practices through cross-functional work with infrastructure and engineering teams

Is this You?

Splunk Enterprise Certified Admin certification or ability to demonstrate expert level experience with Splunk (in standalone and clustered modes) and Splunk Enterprise Security including:
Deployment server and building server classes
Index and search head clustering
Utilizing indexer discovery
Custom props and transforms for apps
Dashboards and advanced SPL queries
Importing new data sources into Splunk Enterprise Security
Developing new correlation searches
Building custom apps

Significant experience with AWS, including:
Automated configuration of AWS Auto Scaling
Automated creation of AWS Security Groups
Automated management of large scale and highly available infrastructure

Experience writing tools to automate tasks and integrate systems in Python
Experience with the implementation and refinement of SOAR platforms is a significant plus
Experience with other SIEM systems and enterprise logging solutions (ELK, etc.) is a plus



Tryouts are open at Fanatics! Our team is passionate, talented, unified, and charged with creating the fan experience of tomorrow. The ball is in your court now.

Ensure your Fanatics job offer is legitimate and don’t fall victim to fraud. Fanatics never seeks payment from job applicants. Fanatics recruiters will only reach out to applicants from an @fanatics.com or @fanatics.co.uk email address. For added security, where possible, apply through our company website at www.fanaticsinc.com/careers

Fanatics is committed to responsible planning and purchasing (RPP) practices, working with its business partners across its global and multi-layered supply chain, to ensure that planning, sourcing, and purchasing decisions, along with other supporting processes, do not impede or conflict with the fulfillment of Fanatics’ fair labor practices.

NOTICE TO CALIFORNIA RESIDENTS/APPLICANTS: In connection with your application, we collect information that identifies, reasonably relates to or describes you (“Personal Information”). The categories of Personal Information that we collect include your name, government issued identification number(s), email address, mailing address, other contact information, emergency contact information, employment history, educational history, criminal record, and demographic information. We collect and use those categories of Personal Information about you for human resources and other business management purposes, including identifying and evaluating you as a candidate for potential or future employment or future contract positions, recordkeeping in relation to recruiting and hiring, conducting criminal background checks as permitted by law, conducting analytics, and ensuring compliance with applicable legal requirements and Company policies.