ABOUT FANDUEL GROUP
FanDuel Group is a world-class team of brands and products all built with one goal in mind — to give fans new and innovative ways to interact with their favorite games, sports, teams, and leagues. That’s no easy task, which is why we’re so dedicated to building a winning team. And make no mistake, we are here to win, but we believe in winning right. That means we’ll never compromise when it comes to looking out for our teammates. From our many opportunities for professional development to our generous insurance and paid leave policies, we’re committed to making sure our employees get as much out of FanDuel as we ask them to give.
FanDuel Group is based in New York, with offices in California, New Jersey, Florida, Oregon and Scotland. Our brands include:
- FanDuel — A game-changing real-money fantasy sports app
- FanDuel Sportsbook — America’s #1 sports betting app
- TVG — The best-in-class horse racing TV/media network and betting platform
- FanDuel Racing — A horse racing app built for the average sports fan
- FanDuel Casino & Betfair Casino — Fan-favorite online casino apps
- FOXBet — A world-class betting platform and affiliate of FanDuel Group
- PokerStars — The premier online poker product and affiliate of FanDuel Group
Our roster has an opening with your name on it
We are looking for a Security Engineer to implement and provide ongoing hands-on support for the FanDuel Group hybrid cloud based customer platform and internal corporate environment. Utilize a variety of computing architectures (e.g., cloud (AWS, O365, GCP). Collaborate with developers, staff, IT colleagues, and vendors to identify security requirements, assess available technologies, and recommend solution options. We're looking for a self-starter with highly technical skills in the field.
THE GAME PLAN
Everyone on our team has a part to play
- Responsible for configuring, maintaining and supporting customer facing applications, internal company infrastructure, and 3rd party vendors.
- Responsible for implementing and maintaining the security for a large scale customer facing hybrid environment, and internal workplace.
- Work with IPS and various firewalls to secure the environment
- Work with multiple DMZ's to secure data flow between them
- Maintain contact with vendors, industry peers, and professional associations to keep informed of existing and evolving industry standards, technologies, and cyber threats
- Assist in design of enhancements to the hybrid security strategy for identifying and alerting on appropriate event types
- Responsibilities may include Active Directory, Linux, containerized applications in GCP and AWS security
- Identify, evaluate and conduct proof-of-concepts for new technologies and lead development of core architectural components
- Develop business relationships and integrate activities with other departments to ensure successful implementation and support project efforts.
- Mentor information technology organization in understanding and adhering to architecture design standards and guidelines. Promote knowledge sharing within the technical communities
- Foster and maintain good relationships with colleagues to meet expected customer service levels
- Manage bug bounty program end to end, confirming issues and getting them fixed
- Security incident response, including supporting the identification and remediation of infrastructure related security incidents.
- Penetration and vulnerability testing
- Design, develop, integrate, and implement security solutions to defend against advanced cyberattacks, hacking and persistent threats
- Maintain, support and improve security architecture
- Be central point of contact for assigned platform/workplace and interface with business, and developers to ensure security.
- Be responsible for all aspects of security and ensure remediation of issues and/or automated methods to inhibit violations of security
- Continuous Improvement
- Move as much of the work as possible to detectors.
- Automate alert collection, prioritization, tasks and processes, periodic audits and control
What we’re looking for in our next teammate
- Minimum of 5 years of experience working in an Information Security role of increasing responsibility preferred
- Minimum of 3 years of experience securing hybrid cloud and containerized applications is required
- Minimum of 2 years of experience working with large, complex networks and systems preferred
- At least one of the following certifications with combined experience: CISSP, CCSK, CCSP, CEH, OSCP
- Python, bash, and/or powershell scripting.
- Knowledge of working with vendor API’s to automate task
- SumoLogic/Splunk query, alerts, and integration capabilities.
- Experience in a hands-on role setting up and supporting hybrid cloud based customer applications, O365, along with and/or CCSK/CCSP.
- Subject matter expert on leading multiple cyber security projects.
- In depth knowledge and understanding of Intrusion Prevention Systems, Firewalls, and associated best practices for securing internet facing databases as well as communication between the Internet, multiple DMZ's, and cloud based services.
- Hands-on experience administering, securing and working with O365, AWS, and GCP servers, and containerized applications at scale.
- In depth knowledge of cloud security and design of security on large scale applications supporting high throughput dynamic loads.
- Understanding of Database security a plus.
- Programming/scripting experience.
- Ideal candidate will have an intimate understanding of technology and be motivated to constantly learn new technologies.
- Knowledge of Vulnerability scanning and/or internal penetration testing.
- PCI/CCPA/PII/GDPR rules, and compliance.
- Excellent organizational and analytical skills.
- Ability to communicate clearly and professionally with all levels of an organization.
- Excellent verbal and written communication skills.
- Effective interpersonal skills.
- Skilled in problem diagnosis and resolution
- Proficiency in multi-tasking and prioritizing projects.
- Excellent time management skills and be accustomed to working within prescribed deadlines.
- Knowledge of the OWASP Top 10 web application security risks and how to minimize them
We treat our team right
Competitive compensation is just the beginning. As part of our team, you can expect:
- An exciting and fun environment committed to driving real growth
- Opportunities to build really cool products that fans love
- Mentorship and professional development resources to help you refine your game
- Flexible vacation allowance to let you refuel
- Hall of Fame benefit programs and platforms
FanDuel Group is an equal opportunities employer. Diversity and inclusion in FanDuel means that we respect and value everyone as individuals. We don't tolerate bias, judgement or harassment. Our focus is on developing employees so that they reach their full potential.