Fanatics

Staff Security Engineer

Fanatics$190K — $250K *
New York, NY 10025In-Person
Information Technology
8 - 10 years of experience
2 weeks ago
Job Overview by Ladders

Qualifications

  • 10+ years of experience in security engineering or a related field, including 5+ years of hands-on software engineering experience
  • Expertise in implementing AWS security services (Cloudtrail, GuardDuty, Cloudwatch) with best practices
  • Prior experience with zero-trust network access for least privilege provisioning
  • Hands-on management of WAF platforms including custom rule development
  • Experience leveraging infrastructure as code with Terraform or Ansible
  • Familiarity with identity management protocols (OAuth, SAML, OpenID Connect)
  • Proficient in programming languages like Python, Java, or Go and relevant security certifications (OSCP, SSCP, GSEC)

Responsibilities

  • Develop and uphold secure architecture for on-premises, cloud, and containerless environments
  • Conduct threat model reviews and produce actionable findings
  • Contribute production code as an engineering partner
  • Participate in sprint planning and architecture reviews for security input
  • Enhance security coding programs using infrastructure as code
  • Participate in on-call rotation for 24/7 incident support

Benefits

  • Comprehensive health benefits
  • 401(k) retirement plan
  • Paid time off and holidays
  • Employee discounts on products and services
  • Professional development opportunities
Full Job Description
The Role:

As a Staff Security Engineer on the Fanatics Ecosystems Security team, you will lead security reviews, deliver impactful tooling in close partnership with engineering teams, and operate application and edge security with efficiency and scale.

What You'll Do:
  • Develop, implement, and uphold secure architecture for product and enterprise environments. This encompasses on-premises, cloud, and containerless environments.
  • Conduct threat model reviews for new services and major architecture changes, producing prioritized, actionable findings that unblock rather than delay engineering
  • Contribute production code to product features as an engineering partner
  • Attend sprint planning and architecture reviews for the product squads you support, security input happens at design time.
  • Consistently contribute to and enhance security coding programs that support immutable and version-controlled environments through the utilization of infrastructure as code, detection as code, and other engineering-driven security initiatives.
  • Participate in an on-call rotation to provide 24/7 support for incident escalations


What We're Looking For:
  • 10+ years of experience in security engineering or a related field, including 5+ years of hands-on software engineering experience
  • Demonstrated expertise in implementing AWS security services and adhering to best practices. (Cloudtrail, GuardDuty, Cloudwatch).
  • Prior experience implementing and managing a zero-trust network access solution to support least privilege access provisioning.
  • Hands-on experience managing WAF platforms (Cloudflare, Akamai, Fastly, AWS WAF or equivalent) including custom rule development, not just enabling managed rulesets
  • Demonstrated experience leveraging infrastructure as code with tools such as Terraform or Ansible
  • Experience with identity management protocols (e.g., OAuth, SAML, OpenID Connect)
  • Able to identify what a good release pipeline looks like (the stages, what they do, why they are there)
  • Demonstrated ability to develop and comprehend code in one or more programming languages, including Python, Java, or Go.
  • Relevant certifications such as OSCP, SSCP, or GSEC

The salary range for this position is $190,000 to $250,000 which represents base pay only and does not include short-term or long-term incentive compensation. When determining base pay, as part of a final compensation package, we consider several factors such as location, experience, qualifications, and training.

Depending on the role, your interview and onboarding experience may include in-person components, such as onsite interviews or Launching into Better: LIVE-a multi-day cultural immersion in New York City for full-time, non-seasonal hires. These sessions are designed to build connection and bring our culture to life, though specific travel and participation requirements will be confirmed based on your role and location. Your recruiter will provide clear guidance at each stage of the process.

For information about our benefits, please visit https://benefitsatfanatics.com/

Ranges will change based on country and state of residence, which are reflected in Geographical Zones defined by Fanatics Betting and Gaming. The range incorporates all of our Geographical Compensation Zones and is subject to change as the Zone associated with the actual offer is confirmed. In addition to the base and bonus, full-time employment, and more. For information about our benefits, please visit https://benefitsatfanatics.com/

Salary Range

$190,000-$250,000 USD

About Fanatics

Fanatics is a leading retailer of licensed sports merchandise. The company was founded in 1995 and has grown to become the largest online retailer of officially licensed sports merchandise in the world. Fanatics offers a wide range of products, including jerseys, hats, and other apparel, as well as collectibles and memorabilia. The company has partnerships with all major sports leagues and teams, as well as with individual athletes. Fanatics is committed to providing a seamless shopping experience for its customers and has invested heavily in technology and logistics to ensure fast and reliable delivery.
Learn more about Fanatics
Size
5,000 employees
Industry
Retail & Consumer Goods
Founded
1995
* Ladders Estimates

Similar Jobs

Ad banner background

Get Ready For Your
Next Interview

More Jobs at Fanatics

More Information Technology Jobs

Find similar Staff Security Engineer jobs:

NationwideNew York, NY