Sr Security Analyst

Job Description

Responsibilities: • Mentor and train other members of the Security Operations team. • Serve as an escalation point in incident response scenarios; acting as the incident lead and conducting investigations and forensics as needed. • Monitor external information sources to determine potential threats to Fanatics. • Monitor and analyze alerts, network traffic, and system logs for unusual behavior, attributing suspicious activity to specific threats and implementing measures to mitigate risk. • Help design, deploy, and operate internal Fanatics security systems. • Recommend how to optimize use of existing security monitoring tools based on assessments of available threat intelligence data and incident trends. • Participate in a 24/7 on-call rotation, helping triage and respond to security incidents as they arise and providing support for internal end users by resolving or routing tickets. • Coordinate with other teams in IT to enforce standards for endpoint security, vulnerability management, and system hardening. • Contribute to and lead reviews of documentation (processes, hardening standards, playbooks, and after action reports) working closely with management to continuously improve day to day operations. • Develop automation playbooks using a SOAR platform to improve the speed and consistency of our incident response capabilities. Experience and Skills: • High level of commitment, energy and creativity with the ability to work in a fast paced, rapidly changing environment. • Excellent oral and written communication skills, including the ability to interact effectively with executives, engineers, vendors and peers. • Strong analytical skills, including structured problem solving and instinctive thinking. • Hands on experience working within a formal incident response process and conducting forensic investigations. • Highly adept at managing IT security projects that are cross-functional in nature. • Proficiency with scripting and query languages (Python, Powershell, SQL, etc.) with a passion for automation. Experience using a SOAR platform is a big plus. • Strong networking skills; OSI model, TCP/IP, HTTPS, network intrusion detection and prevention. • Experience working with enterprise level access management, SIEM, IDS/IPS, end-point protection, and multi-factor authentication systems. • Must be comfortable working with and troubleshooting in a heterogeneous operating environment, including hands-on administrative experience with Windows, Macintosh, and Linux and a strong working knowledge of Active Directory and Microsoft 365. • Experience working in a hybrid environment that includes on-premise and cloud based systems. Experience with AWS is a nice to have. Required Qualifications: • 3-5 years of relevant work experience specifically in the field of Information Security • One or more of the following certifications preferred: CompTIA Security+, SSCP, CISSP, GCIH, ECIH • College Degree in related field (Information Security, Information Systems, Computer Science/Computer Engineering) or equivalent work experience