
Staff Infrastructure Security Engineer
7 days ago
POSITION DESCRIPTION:
Fanatics is searching for an experienced infrastructure security specialist to help protect Fanatics infrastructure. A successful candidate will display strong communication and technical skills and be comfortable and effective working independently and as part of a larger, highly distributed team.
We're looking specifically for folks who place an emphasis on usable security and scaling successfully through automation. Fanatics is a fast-growing company, and our security program needs to be able to keep pace with that growth while not disrupting innovation.
Responsible for continually improving product security by partnering with infrastructure in all phases of the development and deployment process. Work with various Infrastructure teams to identify and mitigate security issues, vulnerabilities, and misconfigurations by applying their in-depth knowledge of operating systems, infrastructure, and cloud providers. Work very closely with the Security Operations Team and share their findings in a proactive manner. Work with teams to ensure security standards are maintained on the design and implementation of platforms and systems in cloud and on-premises environments.
RESPONSIBILITIES:
- Establish security best processes and practices for our mobile, on-premises and cloud-based platforms.
- Support infrastructure teams from the perspective of security engineering by injecting appropriate security controls.
- Establish and maintain Infrastructure as code scanning engine.
- Establish and maintain infrastructure vulnerability management engine.
- Build tooling to ensure Security Engineering can deliver often and with confidence.
- Defining security controls for all aspects of our on-premise and cloud infrastructure.
- Managing cryptography and encryption controls.
- Coordinate security implementation work with Infrastructure teams and other members of Security Department.
- Managing Web Application Firewall (building new rules, maintaining existing, monitoring and adjusting according to the signals).
- Working with analysts, engineers, and data scientists across the organization to continually improve cyber resilience.
- Managing KMS, Secrets, certificate management platforms.
- Support the regulatory compliance initiatives, processes and documentation for ISO 27001, PCI, SOC2, etc.
- Assist with incident response practices including incident management, coordination, analysis and investigation of potential security events.
- Design and implement safeguards by working with others to progress cloud security posture in the form of software, hardware, or operating procedures.
- Monitor environments with performing setup of tools, logging and monitoring, and threat detection to determine if any attacks on cloud systems working with the SOC.
- Constantly innovate at the pace of the adversary using latest techniques.
EDUCATIONAL REQUIREMENTS:
- Bachelor's degree in computer science, Information Systems, or equivalent combination of education and experience.
- Certifications in the field of Information Security (at least one of the following: AWS Solutions Architect, AWS Security Specialty, CISSP, CEH, GIAC).
EXPERIENCE REQUIRED:
- 10+ years of experience in related IT Security environment.
GENERAL KNOWLEDGE, SKILLS & ABILITIES:
- Serve as a mentor to other Infrastructure Security team members, providing guidance and support.
- Drive the most difficult and complex infrastructure security reviews and threat modeling.
- Develop, evangelize and monitor the adoptions of sound security practices.
- Champion recruiting activities.
- Have significant ownership in and evangelize security training with infrastructure teams.
- Subject Matter Expert (SME) in at least 1 technical areas impacting the security of the infrastructure.
- Author technical security documents.
- Author questions/processes for hiring and screening candidates.
- In-depth knowledge of infrastructure security vulnerabilities, attack vectors and mitigation techniques.
- Demonstrated experience in cloud security, systems security, site-reliability engineering.
- Demonstrated experience with Linux/Windows/Mac Operating Systems and common OS hardening practices.
- Demonstrated experience with running systems at scale.
- Proficiency in succinctly document technical details.
- Demonstrated ability and experience to identify and mitigate security issues, misconfigurations and vulnerabilities related to cloud, container and Kubernetes infrastructure.
- Ability to implement new and update existing security measures for the protection of the Fanatics infrastructure.
- Demonstrated experience to utilize log ingestion platforms for security analytics and identification of tactics, techniques and patterns of attackers.
- Demonstrated experience to contribute to the creation of the runbooks.
- Demonstrated experience to the production and tuning of detection rules.
- Demonstrated experience managing KMS, Secrets management, Certificate Management platforms: Akeyless, Hashicorp Vault.
- Participate in the Security Engineering Team on-call rotation.
- Ability to clearly and effectively communicate concerns and issues to the management and engineers.
- Experience with Cloud (AWS, Azure, GCP) Security.
- Experience with various AWS security services and tooling: Cloudformation, VPC, IAM, SecurityHub, Cloudtrail, Cloudwatch, Lambda, etc.
- Experience using log analysis platforms such as Splunk, ELK, etc.
- Experience with one or more programming languages (Python, Go, PHP, Ruby).
- Experience with firewalls and networking equipment – hardening configurations.
- Demonstrated experience with shell scripting is required.
- Demonstrated experience with terraform is required.
- Working experience with Kubernetes and Docker.
- Technical knowledge of systems in multi-tenant, cloud environment.
- Experience with Infrastructure as code (IaC) and IaC scanning.
- Experience with vulnerability management and patching, infrastructure vulnerability scanning.
- Demonstrated experience with WAF (Akamai, AWS WAF, etc.).
- DevOps experience managing deployment and configuration.
General skills include:
- Strong critical thinking and analytical skills.
- Ability to approach problem solving in a constructive and collaborative way that does not require absolute security.
- The ability to communicate complicated technical issues and risks to programmers, network engineers and managers.
- Strong leadership, project, and team-building skills.
- Exceptional communication skills with diverse audiences; the ability to be an infrastructure security subject matter expert who can explain relevant topics to general audiences.
Fanatics is building a leading global digital sports platform. We ignite the passions of global sports fans and maximize the presence and reach for our hundreds of sports partners globally by offering products and services across Fanatics Commerce, Fanatics Collectibles, and Fanatics Betting & Gaming, allowing sports fans to Buy, Collect, and Bet. Through the Fanatics platform, sports fans can buy licensed fan gear, jerseys, lifestyle and streetwear products, headwear, and hardgoods; collect physical and digital trading cards, sports memorabilia, and other digital assets; and bet as the company builds its Sportsbook and iGaming platform. Fanatics has an established database of over 100 million global sports fans; a global partner network with approximately 900 sports properties, including major national and international professional sports leagues, players associations, teams, colleges, college conferences and retail partners, 2,500 athletes and celebrities, and 200 exclusive athletes; and over 2,000 retail locations, including its Lids retail stores. Our more than 22,000 employees are committed to relentlessly enhancing the fan experience and delighting sports fans globally.
#J-18808-Ljbffr-
Staff Security Engineer
7 days ago
Hyderabad City Taluka, Pakistan FANATICS INC Full timeAbout the Role: We are seeking a SOC Staff Software Engineer who will design, build, and implement security solutions for our newly established Security Operations Center. As an integral member of our engineering team, you'll work on developing tools, automation, and infrastructure to support SOC analysts in detecting, analyzing, and mitigating perimeter...
-
Security Engineer
7 days ago
Hyderabad City Taluka, Pakistan beBee Careers Full time**Job Summary:**We are seeking a highly skilled Infrastructure Security Engineer to join our team. This role requires a strong background in security engineering, with expertise in cloud security, systems security, and site-reliability engineering.
-
Infrastructure Security Specialist
1 week ago
Hyderabad City Taluka, Pakistan beBee Careers Full timeJob Title: Infrastructure Security SpecialistJob Description:Fanatics is seeking an experienced infrastructure security specialist to help protect its infrastructure. A successful candidate will demonstrate strong communication and technical skills, as well as the ability to work independently and as part of a larger team.The ideal candidate will have a...
-
Infrastructure Security Engineer
2 weeks ago
Hyderabad City Taluka, Pakistan beBee Careers Full timeWe are seeking a highly skilled Infrastructure Security Engineer to join our team. As a key member of our security team, you will be responsible for establishing and maintaining robust security processes and best practices for all platforms. This includes collaborating with various teams to identify and mitigate security issues, vulnerabilities, and...
-
Cloud Security Engineer
1 week ago
Hyderabad City Taluka, Pakistan beBee Careers Full timeJob Overview:We are looking for a seasoned infrastructure security expert to join our team. As an infrastructure security specialist, you will play a critical role in protecting our infrastructure and ensuring the security of our data.Key Responsibilities:Develop and implement security best practices for our infrastructure.Collaborate with infrastructure...
-
Security Solutions Developer
2 weeks ago
Hyderabad City Taluka, Pakistan beBee Careers Full timeAbout the Role:We are looking for a highly skilled Security Engineer to join our team as a Staff Security Engineer. In this role, you will design, build, and implement security solutions for our newly established Security Operations Center. You will work closely with our engineering team to develop tools, automation, and infrastructure to support SOC...
-
IT Infrastructure Support Engineer
6 days ago
Hyderabad City Taluka, Pakistan beBee Careers Full timeIT Infrastructure Support EngineerThis role requires a highly skilled Network Engineer to support and maintain our IT infrastructure. You will design, implement, and maintain large-scale networks with a focus on F5 load balancing architecture.The successful candidate will have at least 2-5 years of experience in network engineering, a deep understanding of...
-
Perimeter SOC Security Solutions Architect
7 days ago
Hyderabad City Taluka, Pakistan beBee Careers Full timeAbout the Role: We are seeking a highly skilled SOC Staff Software Engineer who will design, build, and implement security solutions for our newly established Security Operations Center.This is an exciting opportunity to lead the technical foundation of our Perimeter SOC and develop solutions that directly impact security operations. As an integral member of...
-
Lead Infrastructure Engineer
2 days ago
Hyderabad City Taluka, Pakistan JP Morgan Chase Full timeAssume a vital position as a key member of a high-performing team that delivers infrastructure and performance excellence. Your role will be instrumental in shaping the future at one of the world's largest and most influential companies. As a Lead Infrastructure Engineer at JPMorgan Chase within the Chief Technology Office, you apply deep knowledge of...
-
Senior Security Engineer
18 hours ago
Hyderabad City Taluka, Pakistan beBee Careers Full timeSecure Cloud Infrastructure EngineerAs a Digital Forensics and Incident Response (DFIR) team lead, you will be responsible for improving the security posture of our cloud infrastructure. This includes proactively identifying and mitigating potential threats, as well as reactively responding to incidents. Your deep analytical skills and knowledge of DFIR and...