Application Security Engineer II

Posted Apr 23

Company Overview

Fanatics is the ultimate one-stop sports fan destination that ignites and harnesses the passion of fans and maximizes the presence and reach for preeminent sports partners globally. Leveraging long-standing, often exclusive relationships with more than 900 sports properties, a database of more than 90 million consumers worldwide and a trusted brand name, Fanatics is furthering its innovation across the sports landscape by building the leading global digital sports platform, complete with offerings including e-commerce and licensed merchandise, physical and digital trading cards and collectibles, and online sports betting and iGaming.

The Fanatics family of companies currently includes Fanatics Commerce, a vertically-integrated licensed merchandise business that has changed the way fans purchase their favorite team apparel, jerseys, headwear and hardgoods through a tech-infused approach to making and quickly distributing fan gear in today’s 24/7 mobile-first economy; Fanatics Collectibles, a transformative company that is building a new model for the hobby and giving collectors an end-to-end physical and digital collectibles experience; and Fanatics Betting & Gaming, a mobile betting, gaming and retail sportsbook platform.

As a market leader with more than 10,000 employees, and hundreds of partners, suppliers, and vendors worldwide, we take responsibility for driving toward more ethical and sustainable practices. We are committed to building an inclusive Fanatics community, reflecting and representing society at every level of the business, including our employees, vendors, partners and fans. Fanatics is also dedicated to making a positive impact in the communities where we all live, work, and play through strategic philanthropic initiatives.

At Fanatics, we’re a diverse, passionate group of employees aiming to ignite pride and passion in the fans we outfit, celebrate and support. We recognize that diversity helps drive and foster innovation, and through our IDEA program (inclusion, diversity, equality and advocacy) at Fanatics we provide employees with tools and resources to feel connected and engaged in who they are and what they do to support the ultimate fan experience.  

The base salary range for this role is $136,000 per year - $204,000 per year, depending on job-related knowledge, skills, and experience. This role is eligible for the Fanatics Betting and Gaming annual bonus program and an equity award.

In addition to the base, bonus, and equity, full-time employees are eligible for Medical, Dental, Vision, 401K, paid time off, and other benefits like GymPass, Pet Insurance, Family Care Benefits, Free Shipt deliveries, and more. We’ll also give you $500 to set up your home office!

For information about our benefits, please visit https://benefitsatfanatics.com/

Overview 

As an Application Security Engineer II at Fanatics Betting & Gaming (FBG), your knowledge and experience in application security will help lead the organization in identifying, assessing, and remediating vulnerabilities. This role sits within the Information Security department and reports to the Principal Application Security Engineer.

Responsibilities

  • Conduct penetration testing and vulnerability assessments to identify and evaluate potential security risks in applications, systems, and networks.
  • Develop and maintain security testing procedures and methodologies, including manual and automated testing.
  • Work with development teams to remediate security issues found during testing, providing guidance and support as necessary.
  • Collaborate with other security professionals to design and implement security controls and processes.
  • Stay up-to-date on the latest threats, vulnerabilities, and security trends to ensure that our organization is prepared to address emerging threats.
  • Collaborate on security assessments of third-party software and services used by the organization when necessary.
  • Participate in incident response activities as needed.

Qualifications

  • Bachelor's degree in Computer Science, Information Technology, or a related field  
  • Minimum of 3 years of experience in application security, including penetration testing  
  • Strong understanding of web application security principles and OWASP Top 10 vulnerabilities  
  • Familiarity with security testing tools such as Burp Suite, Nessus, or similar tools  
  • Knowledge of secure coding practices and ability to work closely with development teams to promote secure coding principles  
  • Ability to communicate effectively with technical and non-technical stakeholders
  • Ability to prioritize and balance multiple projects simultaneously
  • Ability to collaborate and work in a team environment  
  • Experience with scripting languages such as Python or Bash is a plus  
  • Relevant certifications such as OSCP, CEH, or GWAPT are a plus

If you possess some of these skills but not all of them, we still encourage you to apply!

Ensure your Fanatics job offer is legitimate and don’t fall victim to fraud. Fanatics never seeks payment from job applicants. Feel free to ask your recruiter for a phone call or other type of communication for an interview, and ensure your communication is coming from a Fanatics or Fanatics Brand email address (this includes @betfanatics.com). For added security, where possible, apply through our company website at www.fanaticsinc.com/careers

Tryouts are open at Fanatics! Our team is passionate, talented, unified, and charged with creating the fan experience of tomorrow. The ball is in your court now.

Fanatics is committed to responsible planning and purchasing (RPP) practices, working with its business partners across its global and multi-layered supply chain, to ensure that planning, sourcing, and purchasing decisions, along with other supporting processes, do not impede or conflict with the fulfillment of Fanatics’ fair labor practices.

NOTICE TO CALIFORNIA RESIDENTS/APPLICANTS: In connection with your application, we collect information that identifies, reasonably relates to or describes you (“Personal Information”). The categories of Personal Information that we collect include your name, government issued identification number(s), email address, mailing address, other contact information, emergency contact information, employment history, educational history, criminal record, and demographic information.  We collect and use those categories of Personal Information about you for human resources and other business management purposes, including identifying and evaluating you as a candidate for potential or future employment or other types of positions, recordkeeping in relation to recruiting and hiring, conducting criminal background checks as permitted by law, conducting analytics, and ensuring compliance with applicable legal requirements and Company policies. For additional information on how we collect and use personal information in connection with your job application, review our Candidate Privacy Policy-CA