Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: InfoSec Jobs InfoSec Jobs

Participate: Learn more about our honeypot network
https://isc.sans.edu/honeypot.html

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Staff Security Analyst
Company Fanatics
Location Jacksonville, FL
Preferred GIAC Certifications GCIH, GCFA
Travel 1%
Salary Not provided
URL https://jobs.lever.co/fanatics/7234f078-f01f-4fd0-8bf4-d228443d4fcd
Contact Name Michael Green
Contact Email mgreen/at/fanatics.com
Expires 2021-10-21

Job Description

About the Team

Fanatics is first and foremost a technology company. We are powered by cutting-edge tech created by our small agile teams using the latest tools and technologies under our highly analytical, forward thinking, and open-minded leadership. As the global leader in licensed sports merchandise, we challenge ourselves by improving our new fully responsive NodeJS cloud commerce platform, Elasticsearch engine, and deep data science capabilities while building the best-in-class retail manufacturing and supply chain technologies. Our tech teams work together to revolutionize data science and engineering initiatives, provide highly scalable real-time and streaming platforms, and create secure e-commerce and in-stadium fan experience products. Our own e-commerce platform transacts in over 190 countries, 17 languages, and 14 currencies. Our motto is “#GSD”—get stuff done—and we do just that. If you want to be at the nexus of sports, commerce, and technology, come be a part of our industry-leading team here at Fanatics Tech.

Fanatics is searching for an experienced Staff Security Analyst to join our Security Operations team. The ideal candidate will have 5 or more years of work experience specifically in the field of Information Security.

Information Security team members are given a great deal of autonomy in the pursuit of keeping Fanatics secure and a successful candidate will demonstrate a good work ethic, superior communication skills, and is expected to be comfortable and effective working independently and as part of a larger, highly-distributed team.

We're looking specifically for folks who place an emphasis on usable security. Fanatics is a fast-growing company and our security program needs to be able to keep pace with that growth while not disrupting innovation.
Responsibilities:

Serve as a lead for a team of SOC Analysts.
Conduct threat hunting activities and monitor external information sources to identify potential threats to Fanatics.
Lead tabletop and red team / blue team exercises to regularly test our incident response capabilities.
Recommend how to optimize security monitoring tools based on assessments of available threat intelligence data and incident trends.
Mentor and train other members of the Security Operations team.
Serve as an escalation point in incident response scenarios; acting as the incident commander and conducting detailed analysis and forensic investigations as needed.
Monitor and analyze alerts, network traffic, and system logs for unusual behavior, attributing suspicious activity to specific threats and implementing measures to mitigate risk.
Help design, deploy, and operate internal Fanatics security systems.
Participate in a 24/7 on-call rotation, helping triage and respond to security incidents as they arise and providing tier 3 support for internal end users.
Coordinate with other teams in IT to implement standards for endpoint security, vulnerability management, and system hardening.
Contribute to SOC documentation (processes, hardening standards, playbooks, and after action reports) working closely with the SOC Manager to continuously improve day to day operations.
Lead efforts to automate day to day operations and creation of artifacts for compliance audits.

Experience and Skills:

High level of commitment, energy and creativity with the ability to work in a fast paced, rapidly changing environment.
Excellent oral and written communication skills, including the ability to interact effectively with executives, engineers, vendors and peers.
Strong analytical skills, including structured problem solving and instinctive thinking.
Hands on experience working within a formal incident response process and conducting forensic investigations.
Highly adept at managing IT security projects that are cross-functional in nature.
Expert level proficiency with scripting and query languages (Python, Powershell, SQL, etc.) with a passion for automation.
Strong networking skills; OSI model, TCP/IP, HTTPS, network intrusion detection and prevention.
Experience working with enterprise level access management, SIEM, IDS/IPS, end-point protection, and multi-factor authentication systems.
Must be comfortable working with and troubleshooting in a heterogeneous operating environment, including hands-on administrative experience with Windows, Macintosh, and Linux and a strong working knowledge of Active Directory and O365.
Experience working in a hybrid environment that includes on-premise and cloud based systems.

Required Qualifications

5 or more years of relevant work experience specifically in the field of Information Security.
One or more of the following certifications preferred: CISSP, SSCP, GCIH, ECIH, GCFA, CCFP
College Degree in related field (Information Security, Information Systems, Computer Science/Computer Engineering) or equivalent work experience.

Tryouts are open at Fanatics! Our team is passionate, talented, unified, and charged with creating the fan experience of tomorrow. The ball is in your court now.

Ensure your Fanatics job offer is legitimate and don’t fall victim to fraud. Fanatics never seeks payment from job applicants. Fanatics recruiters will only reach out to applicants from an @fanatics.com or @fanatics.co.uk email address. For added security, where possible, apply through our company website at www.fanaticsinc.com/careers

Fanatics is committed to responsible planning and purchasing (RPP) practices, working with its business partners across its global and multi-layered supply chain, to ensure that planning, sourcing, and purchasing decisions, along with other supporting processes, do not impede or conflict with the fulfillment of Fanatics’ fair labor practices.

NOTICE TO CALIFORNIA RESIDENTS/APPLICANTS: In connection with your application, we collect information that identifies, reasonably relates to or describes you (“Personal Information”). The categories of Personal Information that we collect include your name, government issued identification number(s), email address, mailing address, other contact information, emergency contact information, employment history, educational history, criminal record, and demographic information. We collect and use those categories of Personal Information about you for human resources and other business management purposes, including identifying and evaluating you as a candidate for potential or future employment or future contract positions, recordkeeping in relation to recruiting and hiring, conducting criminal background checks as permitted by law, conducting analytics, and ensuring compliance with applicable legal requirements and Company policies.