Staff Security Engineer
New York, NY, United States
Full Time Senior-level / Expert USD 164K - 237K
Fanatics
Fanatics.com is the ultimate sports apparel and Fan Gear Store, featuring football Jerseys, T-shirts, Hats, Collectibles and merchandise for fans of the NFL, MLB, NBA, NHL, Soccer, and College.
The Role
As a Staff Security Engineer at Fanatics Ecosystem, your knowledge and experience in designing, implementing and maintaining security measures will help the organization stay ahead of security risks and protect company assets. This role sits within Information Security and reports to the Senior Manager, Security Engineering.
What You'll Do:
- Develop, implement, and uphold secure architecture for product and enterprise environments. This encompasses on-premises, cloud, and containerless environments.
- Responsible for implementation of the DevSecOps strategy with a significant emphasis on developing and assessing security tools.
- Develop and implement customized detection mechanisms using various SaaS and cloud technologies to identify malicious behavior.
- Manage security and infrastructure configurations by leveraging Infrastructure-As-Code tools such as Terraform
- Deployment, configuration, and maintenance of CSPM solution enabling prompt identification and remediation of infrastructure related threats and vulnerabilities.
- Responsible for writing custom detections to improve cloud threat detection and observability
- Collaborate with internal teams to ensure that secure implementation guidelines are followed across the Fanatics Betting and Gaming environment
- Responsible for investigation, remediation and root cause analysis of security escalations from MSSP, CSPM, SIEM and other notification mechanisms.
- Participate in an on-call rotation to provide 24/7 support for incident escalations
- Consistently contribute to and enhance security coding programs that support immutable and version-controlled environments through the utilization of infrastructure as code, detection as code, and other engineering-driven security initiatives.
What We're Looking For:
- 10+ years of experience as a security engineer or in a similar role
- Demonstrated expertise in implementing AWS security services and adhering to best practices (CloudTrail, GuardDuty, CloudWatch).
- Prior experience implementing and managing a zero-trust network access solution to support least privilege access provisioning.
- Understanding and modeling all aspects of security within a system architecture, with the ability to identify both good and bad security design
- Proficient in incident response operations to include forensic analysis, log investigation and advanced defensive tactics.
- Strong understanding of several operating systems and network security best practices.
- Demonstrated experience with container security operations using open source or market leading CSPM solutions.
- Demonstrated experience leveraging infrastructure as code with tools such as Terraform or Ansible
- Experience with identity management protocols (e.g., OAuth, SAML, OpenID Connect)
- Ability to communicate effectively with technical and non-technical stakeholders
- Project Management
  - Proficient in Agile processes and ceremonies (e.g., story writing, pointing)
  - Capable of translating business goals into a comprehensive project roadmap
  - Skilled at prioritizing and managing multiple projects concurrently
- Ability to collaborate and work in a team environment
- Standards and policies
  - Experience in drafting documentation such as standards, policies and architecture diagrams
  - Able to correlate a system configuration to existing standards and policies as well as identify violations of those standards and policies
- Experience with scripting languages is a requirement
  - Able to write and understand complex Java, Terraform, shell scripting, Python, Swift, etc.
  - Able to evaluate and create automated solutions using Python/GitHub/Datadog/Jira/Expel/etc. workflows
  - Able to evaluate existing workflows for poor security practices
- Big Plus
  - Relevant certifications such as OSCP, SSCP, or GSEC
  - Experience with consumer software development
  - Experience in designing and/or implementing a release management pipeline
  - Able to identify what a good release pipeline looks like (the stages, what they do, why they are there)
  - Experience integrating pipeline tooling with one another either natively or via custom code
  - Able to seamlessly dive into a GitOps process to deploy, test, and manage software changes
In NYC, the salary range for this position is $164,160 to $237,500, which represents base pay only and does not include short-term or long-term incentive compensation. When determining base pay, as part of a final compensation package, we consider several factors such as location, experience, qualifications, and training.
Fanatics is building a leading global digital sports platform. We ignite the passions of global sports fans and maximize the presence and reach for our hundreds of sports partners globally by offering products and services across Fanatics Commerce, Fanatics Collectibles, and Fanatics Betting & Gaming, allowing sports fans to Buy, Collect, and Bet. Through the Fanatics platform, sports fans can buy licensed fan gear, jerseys, lifestyle and streetwear products, headwear, and hardgoods; collect physical and digital trading cards, sports memorabilia, and other digital assets; and bet as the company builds its Sportsbook and iGaming platform. Fanatics has an established database of over 100 million global sports fans; a global partner network with approximately 900 sports properties, including major national and international professional sports leagues, players associations, teams, colleges, college conferences and retail partners, 2,500 athletes and celebrities, and 200 exclusive athletes; and over 2,000 retail locations, including its Lids retail stores. Our more than 22,000 employees are committed to relentlessly enhancing the fan experience and delighting sports fans globally.
Tags: Agile Ansible AWS Cloud CSPM DevSecOps GitHub GSEC Incident response Java Jira Network security OpenID Open Source OSCP Python SaaS SAML Scripting SIEM SSCP Strategy Terraform Threat detection Vulnerabilities
Perks/benefits: Conferences