Security Analyst III

Job Overview:

The Cyber Security Analyst III will play a critical role within the Perimeter Security team, with a primary focus on cloud technologies. This role is responsible for managing and mitigating cybersecurity incidents, performing threat hunting, and maintaining system integrations. The analyst will collaborate with Web Engineering, Site Reliability Operations (SRE), and infrastructure teams to safeguard the organization's cloud perimeter, with additional responsibilities for leveraging various security tools to identify and mitigate threats quickly. This position requires expertise in traffic and threat analysis using multiple platforms, including Splunk and native database queries, as well as experience working with Content Delivery Networks (CDN), Web Application Firewalls (WAF), and internal security tools.

Key Responsibilities:

1. Incident Response:
   • Respond to traffic and perimeter-related security incidents, leveraging CDN defenses, WAFs, and internal tooling.
   • Detect, analyze, and investigate incidents related to customer traffic interference, bot activity, scanners, and malicious actors.
   • Utilize native database queries and security monitoring platforms to identify patterns and anomalies that could indicate cybersecurity risks.
   • Prioritize and escalate incidents based on severity and potential impact, coordinating with Web Engineering, SRE, and infrastructure teams as necessary.
   • Provide support for access issues, including whitelisting and network allowlists, across the enterprise.
2. Threat Monitoring and Hunting:
   • Use multiple tools, including Splunk and internal database queries, to analyze traffic patterns and identify threats within cloud-based infrastructure.
   • Monitor and track threat actors, scanner activities, and IP reputations in cloud environments to detect and mitigate potential risks.
   • Investigate traffic anomalies and patterns to proactively identify and mitigate operational impacts on Engineering teams.
   • Collaborate with Web Engineering and SRE teams to reduce false positive alerts, optimize security controls, and prevent customer impact due to protection systems.
3. System Integration and Maintenance:
   • Work with engineering and SRE teams to ensure seamless integration, patching, and maintenance of security controls for cloud perimeter systems, including CDNs, WAFs, SigSci, and NGINX.
   • Support the discovery and remediation of vulnerabilities related to API endpoints and other cloud services.
   • Manage and monitor cloud-based perimeter security applications to ensure they remain current and resilient against emerging threats.
4. Collaboration with Engineering and Operations Teams:
   • Partner with Security Engineering, Application Engineering and Site Reliability Operations Teams to secure new systems, endpoints, and integrations, ensuring that security is embedded into cloud infrastructure from the start.
   • Document and communicate security incidents, recommended actions, and resolutions clearly and effectively to both technical and non-technical stakeholders.
   • Work with cross-functional teams to reduce alert noise, false positives, and operational impacts on the business, driving continuous improvements in threat detection and response.
5. Reporting and Documentation:
   • Generate and present executive-level reports on traffic mitigation, including metrics such as sessions impacted by mitigation technologies, financial savings from bot/attack prevention, and operational availability impacts due to traffic anomalies.
   • Maintain detailed documentation of incidents, system changes, and security tool efficacy to support continuous improvement and knowledge sharing.

Qualifications:

• Bachelor's degree in Cybersecurity, Computer Science, or a related field, or equivalent work experience.
• Minimum of 5 years of experience in cybersecurity, with a focus on cloud technologies and perimeter security.
• Extensive experience in incident response, cloud-native threat hunting, and mitigation in public/private/hybrid cloud environments (e.g., AWS, Azure, GCP).
• Strong hands-on experience with traffic and threat monitoring tools such as Splunk, native database queries, and cloud-native security solutions.
• Deep knowledge of CDNs, WAFs, firewalls, IDS/IPS, and API security, particularly in cloud-based architectures.
• Proficiency with web and api systems such as NGINX, Kubernetes, Apache, Web Servers, along with cloud-native edge defense platforms.
• Strong analytical skills with a proven ability to quickly identify and mitigate complex threats in high-volume environments.

Fanatics Commerce is a leading designer, manufacturer, and seller of licensed fan gear, jerseys, lifestyle and streetwear products, headwear, and hardgoods. It operates a vertically-integrated platform of digital and physical capabilities for leading sports leagues, teams, colleges, and associations globally – as well as its flagship site, www.fanatics.com.

Fanatics Commerce has a broad range of online, sports venue, and vertical apparel partnerships worldwide, including comprehensive partnerships with leading leagues, teams, colleges, and sports organizations across the world—including the NFL, NBA, MLB, NHL, MLS, Formula 1, and Australian Football League (AFL); the Dallas Cowboys, Golden State Warriors, Paris Saint-Germain, Manchester United, Chelsea FC, and Tokyo Giants; the University of Notre Dame, University of Alabama, and University of Texas; the International Olympic Committee (IOC), England Rugby, and the Union of European Football Associations (UEFA).

At Fanatics Commerce, we infuse our BOLD Leadership Principles in everything we do:
· Build Championship Teams
· Obsessed with Fans
· Limitless Entrepreneurial Spirit
· Determined and Relentless Mindset