Senior Security Engineer, Cloud Infrastructure - #12236
Remote - USA
Fanatics Inc
Fanatics offers the broadest assortment of fan merchandise and memorabilia worldwide.Fanatics is searching for a Senior Information Security Engineer with significant experience in network, system, and cloud security. This position will be responsible for advising teams on the proper design and implementation of applications and systems in cloud and on-premise environments. This role will also assess design and implementation proposals, evaluate application and system vulnerabilities, monitor environments for security violations, mentor the Security Operations Center team on incident management and digital forensics, and contribute to the selection and implementation of security tools and processes. Our team members are given a great deal of autonomy in the pursuit of keeping Fanatics secure and a successful candidate will demonstrate strong communication skills and is expected to be comfortable and effective working independently and as part of a larger, highly distributed team. We're looking specifically for folks who place an emphasis on usable security. Fanatics is a fast-growing company and our security program needs to be able to keep pace with that growth while not disrupting innovation.
Responsibilities
- Identify and communicate current and emerging security threats
- Design and implementation of enterprise-class security solutions to protect Fanatics and our customers
- Create solutions that balance business needs with company-specific and industry-related requirements and regulations.
- Identifying security-related deficiencies in existing and proposed architectures
- Regularly triage cyber security incidents post-enrichment and respond to events as part of the incident response process
- Consult with teams throughout the company around the implementation of security best practices
- Mentoring team members across the security, networking, and system groups with regards to security architecture and fundamental security concepts.
Desired Experience, Skills, and Knowledge
- A minimum 8 years in Information Technology and 5 years of Information Security experience.
- A minimum of 3 years supporting a technically diverse Cardholder Data Environment (CDE) environment.
- Demonstrated expertise in Cloud and Infrastructure security
- Expertise with automating and reviewing infrastructure as code
- Demonstrated ability to consult with teams across the organization regarding the integration of security requirements best practices into their workflows and services
- Demonstrated experience in developing enterprise-level security solutions and taking ownership of the implementation of those solutions
- Experience conducting vulnerability scans in on-premise and cloud environments, and managing the tracking and remediation of findings.
- Advanced networking skills, including experience with WAN, Wireless, Firewall, VPN, Proxy and Intrusion Prevention technologies
- Experience with scripting automation using Python & Bash. PowerShell and/or Go experience is a plus
- Experience with security assessment tools for on-premise and cloud environments including vulnerability scanners, encryption and key management software and hardware, logging and alerting systems.
- Ability to present findings and summaries of issues to senior management
- Designing secure architectures in accordance with relevant regulatory controls (PCI-DSS, SOC 2, ISO-27001/2, etc.)
- Implementing security solutions in a forward-thinking and user-focused manner. This includes delivering iterative improvements in consultation with the larger Information Security team and other operational support teams
- Enterprise-level 24x7 operational support experience
- Knowledge of web service development and deployment, with a specific focus on microservice-based architectures
- Identity and access management (IAM) concepts and the ability to scale those concepts to an enterprise level.
· Your career growth, your ideas, your work-life balance, and your well-being.· Diversity and Inclusion· Our Company Culture and Values· Providing outstanding Company Perks and Benefits
Company Overview Fanatics is building a leading global digital sports platform to ignite and harness the passions of fans and maximize the presence and reach for hundreds of partners globally. Optimizing these long-standing partnerships, a database of more than 80 million global consumers and a trusted, recognizable brand name, Fanatics is expanding beyond its position as a global leader for licensed sports merchandise to now becoming a next-gen digital sports platform, featuring an array of offerings for fans across the sports ecosystem. The Fanatics family of companies currently includes Fanatics Commerce, a vertically-integrated licensed merchandise business that has changed the way fans purchase their favorite team apparel, jerseys, headwear and hardgoods through a tech-infused approach to making and quickly distributing fan gear in today’s 24/7 mobile-first economy; Candy Digital, a digital collectibles company that is partnering with prominent sports properties, including MLB and MLBPA, to build an official NFT ecosystem; Fanatics Collectibles, through Topps as a cornerstone of the business, building a new model for the collectibles and trading cards hobby with top leagues and players association partners; and Fanatics Betting & Gaming, a mobile betting, gaming and retail sportsbook platform. Fanatics’ partners include all major professional sports leagues (NFL, MLB, NBA, NHL, NASCAR, MLS, PGA) and hundreds of collegiate and professional teams, which include several of the biggest global soccer clubs. As a market leader with more than 9,000 employees, and hundreds of partners, suppliers, and vendors worldwide, we take responsibility for driving toward more ethical and sustainable practices. We are committed to building an inclusive Fanatics community, reflecting and representing society at every level of the business, including our employees, vendors, partners and fans. Fanatics is also dedicated to making a positive impact in the communities where we all live, work, and play through strategic philanthropic initiatives. At Fanatics, we’re a diverse, passionate group of employees aiming to ignite pride and passion in the fans we outfit, celebrate and support. We recognize that diversity helps drive and foster innovation, and through our IDEA program (inclusion, diversity, equality and advocacy) at Fanatics we provide employees with tools and resources to feel connected and engaged in who they are and what they do to support the ultimate fan experience.
www.fanaticsinc.com Ensure your Fanatics job offer is legitimate and don’t fall victim to fraud. Fanatics never seeks payment from job applicants. Fanatics recruiters will only reach out to applicants from an @fanatics.com or @fanatics.co.uk email address. For added security, where possible, apply through our company website at www.fanaticsinc.com/careers
Fanatics is committed to responsible planning and purchasing (RPP) practices, working with its business partners across its global and multi-layered supply chain, to ensure that planning, sourcing, and purchasing decisions, along with other supporting processes, do not impede or conflict with the fulfillment of Fanatics’ fair labor practices.
NOTICE TO CALIFORNIA RESIDENTS/APPLICANTS: In connection with your application, we collect information that identifies, reasonably relates to or describes you (“Personal Information”). The categories of Personal Information that we collect include your name, government issued identification number(s), email address, mailing address, other contact information, emergency contact information, employment history, educational history, criminal record, and demographic information. We collect and use those categories of Personal Information about you for human resources and other business management purposes, including identifying and evaluating you as a candidate for potential or future employment or future contract positions, recordkeeping in relation to recruiting and hiring, conducting criminal background checks as permitted by law, conducting analytics, and ensuring compliance with applicable legal requirements and Company policies.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Analytics Automation Bash Cloud Compliance Encryption Firewalls Forensics IAM Incident response Intrusion prevention PowerShell Python Scripting Security assessment SOC 2 VPN Vulnerabilities Vulnerability scans
Perks/benefits: Career development Team events
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Staff Security Engineer jobs
- Open Information Security Specialist jobs
- Open Security Operations Engineer jobs
- Open Senior Security Analyst jobs
- Open Cyber Security Architect jobs
- Open Senior Cyber Security Engineer jobs
- Open Senior Information Security Analyst jobs
- Open Product Security Engineer jobs
- Open Cybersecurity Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Cyber Security Specialist jobs
- Open Principal Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Senior Information Security Engineer jobs
- Open Consultant SOC / CERT H/F jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Specialist jobs
- Open Security Specialist jobs
- Open Security Researcher jobs
- Open Chief Information Security Officer jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Cyber Security Specialist jobs
- Open IT Security Engineer jobs
- Open Clearance-related jobs
- Open ISO 27001-related jobs
- Open Windows-related jobs
- Open Application security-related jobs
- Open Network security-related jobs
- Open CISM-related jobs
- Open Pentesting-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open IAM-related jobs
- Open CISA-related jobs
- Open Threat intelligence-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open Java-related jobs
- Open Kubernetes-related jobs
- Open EDR-related jobs
- Open Malware-related jobs
- Open APIs-related jobs
- Open IDS-related jobs
- Open Security Clearance-related jobs
- Open DevSecOps-related jobs
- Open CI/CD-related jobs