Cybersecurity Specialist – Digital Platform Security (Topps)
New York - New York
Fanatics Inc
Fanatics offers the broadest assortment of fan merchandise and memorabilia worldwide.
The Cybersecurity Specialist – Digital Platform Security role reports to the CISO of Fanatics Collectibles and is responsible for the continuous security management of the Topps application environment. They will be responsible for identifying, tracking, and remediating threats to the customer-facing eCommerce, mobile, and cutting-edge NFT platforms. The Cybersecurity Specialist will partner with the Business, Development, DevOps, and FHI’s security team to ensure security is embedded through all phases of the software development lifecycle and that platforms meet corporate minimum standards.
What You'll Do:
- Stay up to date with current security threats within the company region and vertical with a special focus on threats to Crypto, NFT, and eCommerce ecosystems.
- Continuous protection of customer-facing corporate platforms.
- Participate in development and feature planning discussions for new products and features.
- Perform Threat Modeling for existing and new applications and platforms.
- Perform Web Application and Mobile Application penetration tests.
- In charge of Static and Dynamic Application Security Testing for existing and upcoming digital products.
- Provide security requirements and guidance to development teams for mobile application and web-based products.
- Firewall, WAF, and DDoS protection management.
- Secure and harden cloud infrastructure.
- Document and standardize security controls for cloud platforms.
- Produce meaningful KPIs and executive-level reporting.
What We're Looking For:
- 7+ years’ experience in developing SDLCs and secure coding guidelines.
- 5+ years’ experience with SAST and DAST to include mobile applications.
- Experience with proof-of-stake blockchains and NFTs.
- 5+ years’ experience testing mobile applications for security weaknesses.
- In depth experience with major cloud platforms such as AWS, Azure, and GCP.
- Experience with securing containers such as Docker and Kubernetes.
- In-depth experience with Threat Modeling methodologies such as STRIDE.
- Scripting experience strongly preferred.
- Experience with SOX, GDPR, and CCPA required.
- Excellent verbal and written communication skills.
- Preferred Certifications: AWS Security Specialty, CCSP, CSSLP, OSCP, OSWE, GPEN, GWAPT, GCPN
The Fanatics family of companies currently includes Fanatics Commerce, a vertically-integrated licensed merchandise business that has changed the way fans purchase their favorite team apparel, jerseys, headwear and hardgoods through a tech-infused approach to making and quickly distributing fan gear in today’s 24/7 mobile-first economy; Candy Digital, a digital collectibles company that is partnering with prominent sports properties, including MLB and MLBPA, to build an official NFT ecosystem; Fanatics Collectibles, a transformative company that is building a new model for the hobby and giving collectors an end-to-end collectibles experience; and Fanatics Betting & Gaming, a mobile betting, gaming and retail sportsbook platform. Additional ventures that will build out Fanatics’ footprint across the broader digital sports landscape will be rolled out soon. Fanatics’ partners include all major professional sports leagues (NFL, MLB, NBA, NHL, NASCAR, MLS, PGA) and hundreds of collegiate and professional teams, which include several of the biggest global soccer clubs. As a market leader with more than 8,000 employees, and hundreds of partners, suppliers, and vendors worldwide, we take responsibility for driving toward more ethical and sustainable practices. We are committed to building an inclusive Fanatics community, reflecting and representing society at every level of the business, including our employees, vendors, partners and fans. Fanatics is also dedicated to making a positive impact in the communities where we all live, work, and play through strategic philanthropic initiatives. At Fanatics, we’re a diverse, passionate group of employees aiming to ignite pride and passion in the fans we outfit, celebrate and support. 
We recognize that diversity helps drive and foster innovation, and through our IDEA program (inclusion, diversity, equality and advocacy) at Fanatics we provide employees with tools and resources to feel connected and engaged in who they are and what they do to support the ultimate fan experience.
Ensure your Fanatics job offer is legitimate and don’t fall victim to fraud. Fanatics never seeks payment from job applicants. Fanatics recruiters will only reach out to applicants from an @fanatics.com or @fanatics.co.uk email address. For added security, where possible, apply through our company website at www.fanaticsinc.com/careers
Tryouts are open at Fanatics! Our team is passionate, talented, unified, and charged with creating the fan experience of tomorrow. The ball is in your court now.
Fanatics is committed to responsible planning and purchasing (RPP) practices, working with its business partners across its global and multi-layered supply chain, to ensure that planning, sourcing, and purchasing decisions, along with other supporting processes, do not impede or conflict with the fulfillment of Fanatics’ fair labor practices.
NOTICE TO CALIFORNIA RESIDENTS/APPLICANTS: In connection with your application, we collect information that identifies, reasonably relates to or describes you (“Personal Information”). The categories of Personal Information that we collect include your name, government issued identification number(s), email address, mailing address, other contact information, emergency contact information, employment history, educational history, criminal record, and demographic information. We collect and use those categories of Personal Information about you for human resources and other business management purposes, including identifying and evaluating you as a candidate for potential or future employment or other types of positions, recordkeeping in relation to recruiting and hiring, conducting criminal background checks as permitted by law, conducting analytics, and ensuring compliance with applicable legal requirements and Company policies.
Tags: Analytics Application security AWS Azure CCPA CCSP Cloud Compliance Crypto DAST DDoS DevOps Docker E-commerce Ecommerce Firewalls GCP GDPR GPEN GWAPT Kubernetes OSCP OSWE SAST Scripting SDLC
Perks/benefits: Career development