Security Analyst III

Job Overview:

The Cyber Security Analyst III will play a critical role within the Perimeter Security team, with a primary focus on cloud technologies. This role is responsible for managing and mitigating cybersecurity incidents, performing threat hunting, and maintaining system integrations. The analyst will collaborate with Web Engineering, Site Reliability Operations (SRE), and infrastructure teams to safeguard the organization's cloud perimeter, with additional responsibilities for leveraging various security tools to identify and mitigate threats quickly. This position requires expertise in traffic and threat analysis using multiple platforms, including Splunk and native database queries, as well as experience working with Content Delivery Networks (CDN), Web Application Firewalls (WAF), and internal security tools.

Key Responsibilities:

1. Incident Response:
   • Respond to traffic and perimeter-related security incidents, leveraging CDN defenses, WAFs, and internal tooling.
   • Detect, analyze, and investigate incidents related to customer traffic interference, bot activity, scanners, and malicious actors.
   • Utilize native database queries and security monitoring platforms to identify patterns and anomalies that could indicate cybersecurity risks.
   • Prioritize and escalate incidents based on severity and potential impact, coordinating with Web Engineering, SRE, and infrastructure teams as necessary.
   • Provide support for access issues, including whitelisting and network allowlists, across the enterprise.
2. Threat Monitoring and Hunting:
   • Use multiple tools, including Splunk and internal database queries, to analyze traffic patterns and identify threats within cloud-based infrastructure.
   • Monitor and track threat actors, scanner activities, and IP reputations in cloud environments to detect and mitigate potential risks.
   • Investigate traffic anomalies and patterns to proactively identify and mitigate operational impacts on Engineering teams.
   • Collaborate with Web Engineering and SRE teams to reduce false positive alerts, optimize security controls, and prevent customer impact due to protection systems.
3. System Integration and Maintenance:
   • Work with engineering and SRE teams to ensure seamless integration, patching, and maintenance of security controls for cloud perimeter systems, including CDNs, WAFs, SigSci, and NGINX.
   • Support the discovery and remediation of vulnerabilities related to API endpoints and other cloud services.
   • Manage and monitor cloud-based perimeter security applications to ensure they remain current and resilient against emerging threats.
4. Collaboration with Engineering and Operations Teams:
   • Partner with Security Engineering, Application Engineering and Site Reliability Operations Teams to secure new systems, endpoints, and integrations, ensuring that security is embedded into cloud infrastructure from the start.
   • Document and communicate security incidents, recommended actions, and resolutions clearly and effectively to both technical and non-technical stakeholders.
   • Work with cross-functional teams to reduce alert noise, false positives, and operational impacts on the business, driving continuous improvements in threat detection and response.
5. Reporting and Documentation:
   • Generate and present executive-level reports on traffic mitigation, including metrics such as sessions impacted by mitigation technologies, financial savings from bot/attack prevention, and operational availability impacts due to traffic anomalies.
   • Maintain detailed documentation of incidents, system changes, and security tool efficacy to support continuous improvement and knowledge sharing.

Qualifications:

• Bachelor’s degree in Cybersecurity, Computer Science, or a related field, or equivalent work experience.
• Minimum of 5 years of experience in cybersecurity, with a focus on cloud technologies and perimeter security.
• Extensive experience in incident response, cloud-native threat hunting, and mitigation in public/private/hybrid cloud environments (e.g., AWS, Azure, GCP).
• Strong hands-on experience with traffic and threat monitoring tools such as Splunk, native database queries, and cloud-native security solutions.
• Deep knowledge of CDNs, WAFs, firewalls, IDS/IPS, and API security, particularly in cloud-based architectures.
• Proficiency with web and api systems such as NGINX, Kubernetes, Apache, Web Servers, along with  cloud-native edge defense platforms.
• Strong analytical skills with a proven ability to quickly identify and mitigate complex threats in high-volume environments.

Fanatics is building a leading global digital sports platform. We ignite the passions of global sports fans and maximize the presence and reach for our hundreds of sports partners globally by offering products and services across Fanatics Commerce, Fanatics Collectibles, and Fanatics Betting & Gaming, allowing sports fans to Buy, Collect, and Bet. Through the Fanatics platform, sports fans can buy licensed fan gear, jerseys, lifestyle and streetwear products, headwear, and hardgoods; collect physical and digital trading cards, sports memorabilia, and other digital assets; and bet as the company builds its Sportsbook and iGaming platform. Fanatics has an established database of over 100 million global sports fans; a global partner network with approximately 900 sports properties, including major national and international professional sports leagues, players associations, teams, colleges, college conferences and retail partners, 2,500 athletes and celebrities, and 200 exclusive athletes; and over 2,000 retail locations, including its Lids retail stores. Our more than 22,000 employees are committed to relentlessly enhancing the fan experience and delighting sports fans globally.