Sr Analyst, Security

Responsibilities:

• Mentor and train other members of the Security Operations team.
• Serve as an escalation point in incident response scenarios; acting as the incident lead and conducting investigations and forensics as needed.
• Monitor external information sources to determine potential threats to Fanatics, tune our defenses, and look for indicators of compromise in our environment.
• Monitor and analyze alerts, network traffic, and system logs for unusual behavior, attributing suspicious activity to specific threats and implementing measures to mitigate risk.
• Conduct sensitive investigations at the direction of HR and Legal.
• Help design, deploy, operate, and optimize internal Fanatics security systems.
• Review and approve access and firewall change requests.
• Act as lead, participate as a team member, and serve as a subject matter expert on large, highly complex projects.
• Recommend how to optimize use of existing security monitoring tools based on assessments of available threat intelligence data and incident trends.
• Participate in a 24/7 on-call rotation, helping triage and respond to security incidents as they arise and providing support for internal end users by resolving or routing tickets.
• Coordinate with other teams in IT to enforce standards for endpoint security, vulnerability management, and system hardening.
• Contribute to documentation (processes, hardening standards, playbooks, and after action reports) working closely with management to continuously improve day to day operations.
• Develop complex SOAR playbooks to improve the speed and consistency of our incident response capabilities.
• Triage, respond, and escalate alerts generated during your shift.
• Takeover detections and investigations from other shifts, and be able to hand work back off when your shift ends.

Experience and Skills:

• High level of commitment, energy and creativity with the ability to work in a fast paced, rapidly changing environment with a STRONG desire to learn.
• Excellent oral and written communication skills, including the ability to interact effectively with executives, engineers, vendors and peers.
• Strong analytical skills, including structured problem solving and instinctive thinking.
• Meticulous attention to detail with strong organizational skills.
• Hands on experience working within a formal incident response process and conducting forensic investigations.
• Highly adept at managing IT security projects that are cross-functional in nature.
• Strong networking skills; OSI model, TCP/IP, HTTPS, firewalls, network intrusion detection and prevention, packet analysis.
• Experience working with enterprise level access management, SIEM, IDS/IPS, end-point protection, and multi-factor authentication systems.
• Must be comfortable working with and troubleshooting in a heterogeneous operating environment, including hands-on administrative experience with Windows, Macintosh, and Linux.
• Strong working knowledge of Active Directory and Microsoft 365.
• Experience working in a hybrid environment that includes on-premise and cloud based systems. Experience with AWS or Azure is a big plus.
• Highly proficient with scripting and query languages (Python, PowerShell, SQL, etc.) with a passion for automation. Experience using a SOAR platform is a big plus.

Required Qualifications:

• Minimum of 5 years of work experience in the field of Information Security.
• College Degree in related field (Information Security, Information Systems, Computer Science/Computer Engineering) or equivalent work experience.
• One or more of the following certifications preferred: Security+, SSCP, CISSP, GCIH, ECIH.

Fanatics Commerce has a broad range of online, sports venue, and vertical apparel partnerships worldwide, including comprehensive partnerships with leading leagues, teams, colleges, and sports organizations across the world—including the NFL, NBA, MLB, NHL, MLS, Formula 1, and Australian Football League (AFL); the Dallas Cowboys, Golden State Warriors, Paris Saint-Germain, Manchester United, Chelsea FC, and Tokyo Giants; the University of Notre Dame, University of Alabama, and University of Texas; the International Olympic Committee (IOC), England Rugby, and the Union of European Football Associations (UEFA).