Cybersecurity Analyst III

Company Overview Fanatics is building a leading global digital sports platform. The company ignites the passions of global sports fans and maximizes the presence and reach for hundreds of sports partners globally by offering innovative products and services across Fanatics Commerce, Fanatics Collectibles, and Fanatics Betting & Gaming, allowing sports fans to Buy, Collect and Bet. Through the Fanatics platform, sports fans can buy licensed fan gear, jerseys, lifestyle and streetwear products, headwear, and hardgoods; collect physical and digital trading cards, sports memorabilia, and other digital assets; and bet as the company builds its Sportsbook and iGaming platform. Fanatics has an established database of over 100 million global sports fans, a global partner network with over 900 sports properties, including major national and international professional sports leagues, teams, players associations, athletes, celebrities, colleges, and college conferences, and over 2,000 retail locations, including its Lids retail business stores.    As a market leader with more than 18,000 employees, and hundreds of partners, suppliers, and vendors worldwide, we take responsibility for driving toward more ethical and sustainable practices. We are committed to building an inclusive Fanatics community, reflecting and representing society at every level of the business, including our employees, vendors, partners and fans. Fanatics is also dedicated to making a positive impact in the communities where we all live, work, and play through strategic philanthropic initiatives.

The Cybersecurity Analyst III – role reports to the Sr. Director of Cybersecurity and is responsible for maintaining the daily security posture of the Collectibles business. They will aid in managing various aspects of the production, office, and network security environment, focusing on the company's SIEM and SOAR, as well as the vulnerability management platform. The Cybersecurity Analyst III will also work to ensure the Collectibles business' security posture aligns with the corporate minimum standards and actively assists in safeguarding corporate assets from unauthorized access.

Duties may include:

• Staying abreast of current security threats within the company region and vertical.
• Daily monitoring and protection of corporate assets.
• Assisting in the on boarding, management, and tuning of Sumo Logic for effective security information and event management.
• Helping with the configuration, management, and tuning of Qualys for effective vulnerability management.
• Analyzing and responding to security alerts from multiple security tools, operating systems, and cloud platforms.
• Supporting the business's vulnerability management program.
• Assisting in the production of meaningful KPI’s and executive level reporting.

Qualifications:

• Bachelor’s degree or equivalent experience required.
• 3 years' experience administering SIEM and SOAR tools, hands-on experience with Sumo Logic preferred.
• 3 years' experience working with vulnerability management tools, Qualys preferred.
• 3 years’ experience administering Endpoint Protection products, CrowdStrike preferred.
• Familiarity with cloud security alerts originating from AWS and Azure, leveraging the security tools and features available on these platforms to understand the scope and impact of the detected issues.
• A solid understanding of the MITRE ATT&CK framework, and utilizing it as a basis to identify, categorize, and respond to potential threats and security incidents.
• Understanding the key differences and applications of various threat indicators, including Indicators of Misconfiguration, Indicators of Attack, and Indicators of Compromise.
• A keen interest in cybersecurity investigations and familiarity with Incident Response procedures.
• Understanding of vulnerability management processes and tools.
• Basic scripting knowledge is a plus.
• General understanding of compliance regulations like SOX, GDPR, and CCPA.
• Excellent verbal and written communication skills.
• Security+ or CySA+ required, SSCP or CISSP a plus.