Security Analyst I

We’re defining what it means to build and deliver the most extraordinary sports and entertainment experiences. Our global team is trailblazing new markets, developing cutting-edge products, and shaping the future of responsible gaming.

Here, “impossible” isn’t part of our vocabulary. You’ll face some of the toughest but most rewarding challenges of your career. They’re worth it. Channeling your inner grit will accelerate your growth, help us win as a team, and create unforgettable moments for our customers.

The Crown Is Yours

As a Security Analyst I, you will protect our digital infrastructure, including cloud environments, web applications, office and data center networks, and sensitive data, from various cyber threats. In this role, you will be responsible for triaging security events, managing vulnerabilities, coordinating security operations projects, and enhancing our defensive strategies. With access to best of class cybersecurity tools, you'll play a key role in maintaining the integrity and safety of our infrastructure.
 

What you’ll do as a Security Analyst I

• Triage cybersecurity alerts as they come in and take necessary remediation or escalation paths. 

• Protect our cloud environments, IT environments, web and mobile applications, and office and data center networks in order to maintain operational excellence of DraftKings security posture. 

• Perform vulnerability assessments on all corporate systems, including user endpoints, servers, production workloads, and other infrastructure.

• Lead small to mid-sized Security Operations projects such as alert tuning, automation, scripting, and coding.

• Coordinate with other Draftkings’ teams to manage vulnerabilities and risk.

• Test the effectiveness of security measures by participating in pentesting exercises.

• Ability to effectively communicate security concepts to stakeholders and recommend risk mitigation steps to the team.

What you’ll bring  

• At least 2 years of cybersecurity work experience.

• Professional experience triaging alerts from Endpoint Detection and Response (EDR) tools such as CrowdStrike and Microsoft Defender.

• Fundamental understanding of public cloud computing platforms like AWS, or GCP and applying that understanding to triaging security alerts from Cloud Detection and Response tools.

• Professional experience using incident response procedures and assisting security investigations.

• Excellent written and oral communication skills for cross team and vertical collaboration.

• Familiarity with vulnerability management platforms such as Rapid7 or Qualys.

• Security+, AWS Solutions architect associate, CEH, or CISSP certifications are a plus.

• Understanding of vulnerability rating systems such as CVE, CWE, OWASP Top 10.

• Experience with programming or scripting languages such as Python or PowerShell.

#LI-OK1

Join Our Team

We’re a publicly traded (NASDAQ: DKNG) technology company headquartered in Boston. As a regulated gaming company, you may be required to obtain a gaming license issued by the appropriate state agency as a condition of employment. Don’t worry, we’ll guide you through the process if this is relevant to your role.