Staff Security Engineer

Job not on LinkedIn

October 17

Apply Now

Receive Emails with Similar Jobs

Fanatics, Inc.

WebsiteLinkedInAll Job Openings

Gaming • Retail • eCommerce

Fanatics is building a leading global digital sports platform that aims to enhance the fan experience for over 100 million sports enthusiasts worldwide. The company operates across several divisions including Fanatics Commerce, Fanatics Collectibles, and Fanatics Betting & Gaming. They offer fans the opportunity to buy licensed fan gear, jerseys, lifestyle products, and headwear, collect physical and digital trading cards, sports memorabilia, and other digital assets, as well as engage in sports betting. Fanatics partners with over 900 sports properties globally, including major leagues, teams, and athletes, and operates more than 2,000 retail locations. The company is committed to corporate responsibility with a focus on philanthropy, diversity and inclusion, brand protection, and sustainability.

1001 - 5000 employees

Founded 2011

🎮 Gaming

🛒 Retail

🛍️ eCommerce

📋 Description

• Develop, implement, and uphold secure architecture for product and enterprise environments. This encompasses on-premises, cloud, and containerless environments. • Responsible for implementation of the DevSecOps strategy with a significant emphasis on developing and assessing security tools. • Develop and implement customized detection mechanisms using various SaaS and cloud technologies to identify malicious behavior. • Manage security and infrastructure configurations by leveraging Infrastructure-As-Code tools such as Terraform • Consistently contribute to and enhance security coding programs that support immutable and version-controlled environments through the utilization of infrastructure as code, detection as code, and other engineering-driven security initiatives. • Responsible for investigation, remediation and root cause analysis of security escalations from MSSP, CSPM, SIEM and other notification mechanisms. • Participate in an on-call rotation to provide 24/7 support for incident escalations

🎯 Requirements

• 10+ years of experience as a security engineer or in a similar role • Demonstrated expertise in implementing AWS security services and adhering to best practices. (Cloudtrail, GuardDuty, Cloudwatch). • Prior experience implementing and managing a zero-trust network access solution to support least privilege access provisioning. • Understanding and modeling all aspects of security within a system architecture, with the ability to identify both good and bad security design • Strong understanding of several operating systems and network security best practices. • Demonstrated experience with container security operations using open source or market leading CSPM solutions. • Demonstrated experience leveraging infrastructure as code with tools such as Terraform or Ansible • Experience with identity management protocols (e.g., OAuth, SAML, OpenID Connect) • Demonstrated ability to develop and comprehend code in one or more programming languages, including Python, Java, or Go. • Relevant certifications such as OSCP, SSCP, or GSEC • Experience in designing and/or implementing a release management pipeline • Able to identify what a good release pipeline looks like (the stages, what they do, why they are there) • Experience integrating pipeline tooling with one another either natively or via custom code