Security Operations Engineer

ABOUT FANDUEL

FanDuel Group is the premier mobile gaming company in the United States and Canada. FanDuel Group consists of a portfolio of leading brands across mobile wagering including: America’s #1 Sportsbook, FanDuel Sportsbook; its leading iGaming platform, FanDuel Casino; the industry’s unquestioned leader in horse racing and advance-deposit wagering, FanDuel Racing; and its daily fantasy sports product.  

In addition, FanDuel Group operates FanDuel TV, its broadly distributed linear cable television network and FanDuel TV+, its leading direct-to-consumer OTT platform. FanDuel Group has a presence across all 50 states, Canada, and Puerto Rico.

The company is based in New York with US offices in Los Angeles, Atlanta, and Jersey City, as well as global offices in Canada and Scotland. The company’s affiliates have offices worldwide, including in Ireland, Portugal, Romania, and Australia.

FanDuel Group is a subsidiary of Flutter Entertainment, the world's largest sports betting and gaming operator with a portfolio of globally recognized brands and traded on the New York Stock Exchange (NYSE: FLUT).

THE POSITION
Our roster has an opening with your name on it

As a valued member of the Security Operations Center (SOC) team, the Security Engineer will be responsible for early and accurate detection, response and containment of threats directed against the environment. This role requires advanced skills in intrusion detection and threat hunting to identify credible risks/adversaries to proprietary and sensitive data before a potential breach. Collaboration with other security engineers, developers, vendors and business units to constantly improve the overall security posture will be the key to success at FanDuel Group. We’re looking for a team player with highly technical analytical skills. 

In addition to the specific responsibilities outlined above, employees may be required to perform other such duties as assigned by the Company. This ensures operational flexibility and allows the Company to meet evolving business needs.

THE GAME PLAN
Everyone on our team has a part to play

• Monitor and analyze network, server, endpoint, database, and application activities for indicators of compromise, minimizing false positives. 
• Automate alert collection, prioritization, tasks and processes, periodic audits, and controls. 
• Lead incident response efforts, conducting thorough remediation and root cause analysis. 
• Enhance security posture for large-scale customer-facing hybrid cloud environment and internal workplace, leveraging MITRE ATT&CK tactics and techniques assessment. 
• Drive growth and maturity of threat hunting program to proactively identify and mitigate security threats. 
• Contribute to security process enhancement and documentation, staying abreast of cybersecurity developments to brief SOC director effectively. 
• Evaluate and conduct proof-of-concepts for innovative technologies, collaborating with security engineers on implementation. 
• Foster cross-departmental integration to establish strong business relationships, mentor business units in cybersecurity guidelines and best practices while promoting knowledge sharing and maintaining high customer service levels. 
  
  
  

THE STATS
What we're looking for in our next teammate

• Empathetic contributor who has experience operating effectively across teams and disciplines in highly ambiguous and rapidly changing environments and have successfully executed on ambitious projects 
• Proficient experience working in cybersecurity operations and incident response, to include utilizing Security Information and Event Management (SIEM) platforms, Intrusion Detection/Prevention Systems (IDS/IPS), and Vulnerability Management and Threat Intelligence applications.  
• Experience working with large, complex networks and systems 
• Bachelor of Science degree in Information Security, Engineering, Computer Science or related field preferred 
• Proficient understanding and applicability of MITRE ATT&CK framework (or other industry related frameworks) 
• Programming/scripting experience (bash, python, PowerShell) 
• Knowledge of log ingestion pipelines, log parsing, grok patterns and regular expressions 
• Capable of writing detections using YAML and JSON styled languages  
• Ability to write and automate security incident playbooks 
• Excellent communication skills both verbal and written to help articulate and lead Incident response processes; ability to write about technical subjects to a wide audience for reporting on security incidents in regulated industries  
• Bachelor of Science degree in Information Security, Engineering, Computer Science or related field preferred 
• At least one of the following certifications with combined experience: CISSP, CEH, GCIH, GCFA, Security+, OSCP 
• Security experience with cloud native company expanding across multiple environments from, *nix/Windows operating systems, cloud resources (e.g. AWS, GCP, O365), and customer-facing web applications 
• Deep knowledge of attacker methodologies and techniques and corresponding incident response methodologies to detect and protect. 
  
  
  

PLAYER BENEFITS
We treat our team right

We offer amazing benefits above and beyond the basics. We have an array of health plans to choose from (some as low as $0 per paycheck) that include programs for fertility and family planning, mental health support, and fitness benefits. We offer generous paid time off (PTO & sick leave), annual bonus and long-term incentive opportunities (based on performance), 401k with up to a 5% match, commuter benefits , pet insurance, and more - check out all our benefits here: FanDuel Total Rewards. *Benefits differ across location, role, and level.

FanDuel is an equal opportunities employer and we believe, as one of our principles states, “We are One Team!”. As such, we are committed to equal employment opportunity regardless of race, color, ethnicity, ancestry, religion, creed, sex, national origin, sexual orientation, age, citizenship status, marital status, disability, gender identity, gender expression, veteran status, or any other characteristic protected by state, local or federal law. We believe FanDuel is strongest and best able to compete if all employees feel valued, respected, and included.

The applicable salary range for this position is $116,000 - $152,250 USD, which is dependent on a variety of factors including relevant experience, location, business needs and market demand. This role may offer the following benefits: medical, vision, and dental insurance; life insurance; disability insurance; a 401(k) matching program; among other employee benefits. This role may also be eligible for short-term or long-term incentive compensation, including, but not limited to, cash bonuses and stock program participation. This role includes paid personal time off and 14 paid company holidays. FanDuel offers paid sick time in accordance with all applicable state and federal laws.

It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.

#LI-Hybrid