1 day ago

Logo of Fanatics

Security Analyst III

$115k - $143k

Fanatics

USRemote

Company Overview

Fanatics is building a leading global digital sports platform. We ignite the passions of global sports fans and maximize the presence and reach for our hundreds of sports partners globally by offering products and services across Fanatics Commerce, Fanatics Collectibles, and Fanatics Betting & Gaming, allowing sports fans to Buy, Collect, and Bet. Through the Fanatics platform, sports fans can buy licensed fan gear, jerseys, lifestyle and streetwear products, headwear, and hardgoods; collect physical and digital trading cards, sports memorabilia, and other digital assets; and bet as the company builds its Sportsbook and iGaming platform. Fanatics has an established database of over 100 million global sports fans; a global partner network with approximately 900 sports properties, including major national and international professional sports leagues, players associations, teams, colleges, college conferences and retail partners, 2,500 athletes and celebrities, and 200 exclusive athletes; and over 2,000 retail locations, including its Lids retail stores. Our more than 22,000 employees are committed to relentlessly enhancing the fan experience and delighting sports fans globally.

 

The Role

We are seeking a Information Security Analyst III with a strong technical foundation and a passion for Governance, Risk, and Compliance (GRC) to join our growing security team within the Fanatics Ecosystem organization. In this role, your experience in analyzing security events and implementing controls will enable the organization to proactively address security risks and safeguard company assets. This role will work closely with Information Security teams across operating companies (Commerce, Collectibles, Fanatics Betting and Gaming, etc.) This role reports directly to the Senior Manager, Security Engineering.  

 

What Youll Do: 

  • Administer and enhance the user access review process to identify and address access control issues effectively. 
  • Conduct thorough analyses of event logs from various security solutions, including SIEM, DLP, WAF, and EDR, to ensure prompt resolution and protection of company assets. 
  • Participate in Incident response efforts by conducting log analysis, gathering evidence, and executing remediation tasks.  
  • Automate incident response playbooks leveraging Security Orchestration Automation and Response technology. 
  • Deliver security awareness presentations for both technical and non-technical users. Actively contribute to ongoing information security education through diverse methods such as phishing simulations, annual training sessions, on-demand courses, and workshops. 
  • Continuously monitor and update the organizations risk management framework 
  • Update and maintain organizational policies to ensure alignment with security standards.  
  • Support Governance, Risk, and Compliance (GRC) initiatives by implementing controls and gathering necessary evidence. 
  • Participate in an on-call rotation to address security incidents and escalations promptly. 

 

What Were Looking For:   

  • Minimum of 4 years of experience as a Information security analyst or in a similar role 
  • Ability to leverage security compliance frameworks to support control improvement and evidence correlation. 
  • Foundational understanding of IT fundamentals, including networking, operating systems, and system administration.  
  • Experience in securing and conducting security investigations within cloud infrastructure such as AWS. 
  • Experience with EDR solutions such as Crowdstrike.  
  • Demonstrated expertise in utilizing SIEM solutions such as Datadog to analyze and organize event logs, facilitating effective investigations. 
  • General understanding of GitOps processes.  
  • Foundational knowledge in Agile methodologies with ability to successfully collaborate with multiple stakeholders. 
  • Ability to communicate effectively with technical and non-technical stakeholders. 
  • Ability to prioritize and balance multiple projects simultaneously. 
  • Proven experience drafting documentation such as standards, policies and architecture diagrams.  
  • Experience with scripting languages such as Python or Bash is a plus. 
  • Relevant certifications such as Security+, CySA+, OSCP, SSCP, or GSEC are a plus. 

 

In New York, the salary range for this position is $115,000 to $143,750, which represents base pay only and does not include short-term or long-term incentive compensation. When determining base pay, as part of a final compensation package, we consider several factors such as location, experience, qualifications, and training.