Senior Security Analyst

Fanatics Commerce is searching for a Senior Security Analyst to join our Security Operations team. Information Security team members are given a great deal of autonomy in the pursuit of keeping Fanatics secure, and a successful candidate will demonstrate a strong work ethic, superior communication skills, and is expected to be comfortable and effective working independently and as part of a larger, highly-distributed team. We're looking specifically for candidates who place an emphasis on usable security. Fanatics is a fast-growing company and our security program needs to be able to keep pace with that growth while not disrupting innovation.

Responsibilities:

• Mentor and train other members of the Security Operations team.
• Serve as an escalation point in incident response scenarios; acting as the incident lead and conducting investigations and forensics as needed.
• Monitor external information sources to determine potential threats to Fanatics, tune our defenses, and look for indicators of compromise in our environment.
• Monitor and analyze alerts, network traffic, and system logs for unusual behavior, attributing suspicious activity to specific threats and implementing measures to mitigate risk.
• Conduct sensitive investigations at the direction of HR and Legal.
• Help design, deploy, operate, and optimize internal Fanatics security systems.
• Review and approve access and firewall change requests.
• Act as lead, participate as a team member, and serve as a subject matter expert on large, highly complex projects.
• Recommend how to optimize use of existing security monitoring tools based on assessments of available threat intelligence data and incident trends.
• Participate in a 24/7 on-call rotation, helping triage and respond to security incidents as they arise and providing support for internal end users by resolving or routing tickets.
• Coordinate with other teams in IT to enforce standards for endpoint security, vulnerability management, and system hardening.
• Contribute to documentation (processes, hardening standards, playbooks, and after action reports) working closely with management to continuously improve day to day operations.
• Develop complex SOAR playbooks to improve the speed and consistency of our incident response capabilities.
• Triage, respond, and escalate alerts generated during your shift.
• Takeover detections and investigations from other shifts, and be able to hand work back off when your shift ends.

Experience and Skills:

• High level of commitment, energy and creativity with the ability to work in a fast paced, rapidly changing environment with a STRONG desire to learn.
• Excellent oral and written communication skills, including the ability to interact effectively with executives, engineers, vendors and peers.
• Strong analytical skills, including structured problem solving and instinctive thinking.
• Meticulous attention to detail with strong organizational skills.
• Hands on experience working within a formal incident response process and conducting forensic investigations.
• Highly adept at managing IT security projects that are cross-functional in nature.
• Strong networking skills; OSI model, TCP/IP, HTTPS, firewalls, network intrusion detection and prevention, packet analysis.
• Experience working with enterprise level access management, SIEM, IDS/IPS, end-point protection, and multi-factor authentication systems.
• Must be comfortable working with and troubleshooting in a heterogeneous operating environment, including hands-on administrative experience with Windows, Macintosh, and Linux.
• Strong working knowledge of Active Directory and Microsoft 365.
• Experience working in a hybrid environment that includes on-premise and cloud based systems. Experience with AWS or Azure is a big plus.
• Highly proficient with scripting and query languages (Python, PowerShell, SQL, etc.) with a passion for automation. Experience using a SOAR platform is a big plus.

Required Qualifications:

• Minimum of 5 years of work experience in the field of Information Security.
• College Degree in related field (Information Security, Information Systems, Computer Science/Computer Engineering) or equivalent work experience.
• One or more of the following certifications preferred: Security+, SSCP, CISSP, GCIH, ECIH.