Staff Security Engineer, Detection and Response

Posted Dec 31

Fanatics is building a leading global digital sports platform. The company ignites the passions of global sports fans and maximizes the presence and reach for hundreds of sports partners globally by offering innovative products and services across Fanatics Commerce, Fanatics Collectibles, and Fanatics Betting & Gaming, allowing sports fans to Buy, Collect and Bet. Through the Fanatics platform, sports fans can buy licensed fan gear, jerseys, lifestyle and streetwear products, headwear, and hardgoods; collect physical and digital trading cards, sports memorabilia, and other digital assets; and bet as the company builds its Sportsbook and iGaming platform. Fanatics has an established database of over 100 million global sports fans, a global partner network with over 900 sports properties, including major national and international professional sports leagues, teams, players associations, athletes, celebrities, colleges, and college conferences, and over 2,000 retail locations, including its Lids retail business stores. 

As a market leader with more than 18,000 employees, and hundreds of partners, suppliers, and vendors worldwide, we take responsibility for driving toward more ethical and sustainable practices. We are committed to building an inclusive Fanatics community, reflecting and representing society at every level of the business, including our employees, vendors, partners and fans. Fanatics is also dedicated to making a positive impact in the communities where we all live, work, and play through strategic philanthropic initiatives.

Fanatics is looking for an experienced Staff Security Engineer to join our Detection and Response team. The ideal candidate is well versed in incident response, passionate about engineering solutions to security problems, and enjoys driving process improvement. In this role, you will have incident response duties in addition to being responsible for the design and development of the detections and automated workflows that we need to scale our incident response capabilities. 

Information Security team members are given a great deal of autonomy in the pursuit of keeping Fanatics secure. A successful candidate will demonstrate a strong work ethic and superior communication skills, and is expected to be comfortable and effective working independently and as part of a larger, highly distributed team. We're looking specifically for people who place an emphasis on usable security. Fanatics is a fast-growing company and our security program needs to be able to keep pace with that growth while not disrupting innovation.

Responsibilities:

  • Respond to security incidents, perform investigations, conduct incident analysis, and articulate potential risks and remediation strategies to stakeholders.
  • Participate in a weekly 24/7 on-call rotation, providing opportunities to see your detections and automated workflows at work on the front line.   
  • Use detection engineering best practices to develop and continuously optimize alerts, allowing us to spend our cycles effectively and spot anomalies quickly.
  • Develop, test, and maintain SOAR workflows, integrations, and scripts to improve the speed and consistency of incident response.
  • Author and maintain documentation for all detections, automated response workflows, integrations, and scripts.
  • Contribute to improving processes, procedures, and technologies used for detection and response, enabling us to improve after each incident.
  • Conduct proactive threat hunts and threat modeling exercises to identify and pinpoint potential security threats, drawing on insights into attacker TTPs to identify potential IOCs and incorporate findings into security controls.
  • Author and maintain incident response plans and response playbooks, including identification, remediation, containment, and eradication procedures. 
  • Help train, mentor and direct the work of your teammates.
  • Partner with leadership and peers to gather requirements, priorities, and enhancements, translating those needs into data, tooling, and integration requirements.
  • Work closely with other engineering teams to continuously provide requirements and use cases for enabling technologies including but not limited to SIEM, SOAR, EDR, Intrusion Detection Systems, HIPS, Web Proxy/Content Filtering, System Hardening, Identity Management, and PKI.

Experience and Skills:

  • Defensive practitioner who understands offensive security and the actual scenarios that lead to compromise.
  • Hands-on incident response experience, including managing complex investigations with many stakeholders.
  • Very strong working knowledge of adversary TTPs and experience using MITRE ATT&CK principles to detect and respond to security incidents.
  • Advanced experience with enterprise SIEM platforms including the design and development of detections, reports, and dashboards.
  • Ability to analyze endpoint, network, and application logs for anomalous events, including hands-on experience with data analysis, modeling, and correlation at scale.
  • Strong SOAR development skills and proven experience automating security response workflows in an enterprise environment.
  • Experience using scripting, REST APIs, and query languages for automation, alert enrichment, and detections.
  • Experience using penetration testing and ATT&CK framework tools to simulate adversarial behaviors and translate those behaviors into detections.
  • Strong OS administration skills including conceptual knowledge of OS internals and understanding of malware functionality and persistence mechanisms.
  • Exceptional communication skills and a proven track record of communicating effectively with internal and external stakeholders at all levels.
  • Robust analytical and problem-solving capabilities, with a keen eye for objectively evaluating security risks.
  • High level of commitment, energy, and creativity with the ability to work in a fast-paced, rapidly changing environment.
  • Meticulous attention to detail with strong organizational skills and ability to prioritize work effectively.
  • Proficiency using and managing a variety of security tools and technologies, such as MFA, IDS/IPS, EDR, WAF, and Vulnerability Management.
  • Experience using CI/CD tools like GitLab or GitHub.
  • Experience working in a hybrid environment that includes on-premises and cloud-based systems.

Desired Qualifications:

  • 8+ years of experience working in technical information security roles with a focus on security monitoring, threat detection, and incident response.
  • One or more of the following certifications is a nice-to-have: CISSP, GCIH, ECIH, GCDA.
  • College Degree in related field (Information Security, Information Systems, Computer Science/Computer Engineering) or equivalent work experience.

$140,000 - $200,000 a year

The expected salary range for this role is based on job-related knowledge, skills, and experience. This role is also eligible for the Fanatics Commerce annual bonus program and an equity award. Salary range is listed in USD and will be determined in part by a successful candidate’s geographic location.

Things We Care About

  • Your career growth, your ideas, your work-life balance, and your well-being.
  • Diversity and Inclusion
  • Our Company Culture and Values
  • Providing outstanding Company Perks and Benefits

Company Overview

Fanatics is building a leading global digital sports platform to ignite and harness the passions of fans and maximize the presence and reach for hundreds of partners globally. Optimizing these long-standing partnerships, a database of more than 80 million global consumers and a trusted, recognizable brand name, Fanatics is expanding beyond its position as a global leader for licensed sports merchandise to now becoming a next-gen digital sports platform, featuring an array of offerings for fans across the sports ecosystem.

The Fanatics family of companies currently includes Fanatics Commerce, a vertically-integrated licensed merchandise business that has changed the way fans purchase their favorite team apparel, jerseys, headwear and hardgoods through a tech-infused approach to making and quickly distributing fan gear in today’s 24/7 mobile-first economy; Candy Digital, a digital collectibles company that is partnering with prominent sports properties, including MLB and MLBPA, to build an official NFT ecosystem; Fanatics Collectibles, through Topps as a cornerstone of the business, building a new model for the collectibles and trading cards hobby with top leagues and players association partners; and Fanatics Betting & Gaming, a mobile betting, gaming and retail sportsbook platform. Fanatics’ partners include all major professional sports leagues (NFL, MLB, NBA, NHL, NASCAR, MLS, PGA) and hundreds of collegiate and professional teams, which include several of the biggest global soccer clubs.

As a market leader with more than 9,000 employees, and hundreds of partners, suppliers, and vendors worldwide, we take responsibility for driving toward more ethical and sustainable practices. We are committed to building an inclusive Fanatics community, reflecting and representing society at every level of the business, including our employees, vendors, partners and fans. Fanatics is also dedicated to making a positive impact in the communities where we all live, work, and play through strategic philanthropic initiatives.

At Fanatics, we’re a diverse, passionate group of employees aiming to ignite pride and passion in the fans we outfit, celebrate and support. We recognize that diversity helps drive and foster innovation, and through our IDEA program (inclusion, diversity, equality and advocacy) at Fanatics we provide employees with tools and resources to feel connected and engaged in who they are and what they do to support the ultimate fan experience.

www.fanaticsinc.com

Ensure your Fanatics job offer is legitimate and don’t fall victim to fraud. Fanatics never seeks payment from job applicants. Fanatics recruiters will only reach out to applicants from an @fanatics.com or @fanatics.co.uk email address. For added security, where possible, apply through our company website at www.fanaticsinc.com/careers

Fanatics is committed to responsible planning and purchasing (RPP) practices, working with its business partners across its global and multi-layered supply chain, to ensure that planning, sourcing, and purchasing decisions, along with other supporting processes, do not impede or conflict with the fulfillment of Fanatics’ fair labor practices.

NOTICE TO CALIFORNIA RESIDENTS/APPLICANTS: In connection with your application, we collect information that identifies, reasonably relates to or describes you (“Personal Information”). The categories of Personal Information that we collect include your name, government issued identification number(s), email address, mailing address, other contact information, emergency contact information, employment history, educational history, criminal record, and demographic information.  We collect and use those categories of Personal Information about you for human resources and other business management purposes, including identifying and evaluating you as a candidate for potential or future employment or future contract positions, recordkeeping in relation to recruiting and hiring, conducting criminal background checks as permitted by law, conducting analytics, and ensuring compliance with applicable legal requirements and Company policies. For additional information on how we collect and use personal information in connection with your job application, review our Candidate Privacy Policy-CA