Cybersecurity Analyst III

Position Overview:

The Cybersecurity Analyst III reports to the Senior Director of Cybersecurity and serves as a subject matter expert within the Security Operations Center (SOC). This journey-level role leads complex detection, response, and security engineering efforts to strengthen the cybersecurity posture of the Collectibles business. The Analyst collaborates cross-functionally to design and operationalize advanced threat detection, vulnerability mitigation, and security automation programs. This role is expected to exercise independent judgment, lead incident response efforts, and mentor junior team members.

Key Responsibilities:

• Lead advanced monitoring, triage, and threat hunting activities across enterprise systems, cloud infrastructure, and endpoints.
• Design, implement, and optimize scalable detection logic and analytics within SIEM/SOAR platforms (e.g., Sumo Logic).
• Develop and refine playbooks for automated response and escalation procedures, integrating business-specific risk factors.
• Manage and evolve a mature vulnerability management program, driving prioritized remediation in partnership with engineering and infrastructure teams.
• Conduct forensic analysis and coordinate end-to-end incident response, including root cause analysis, containment, and lessons learned reporting.
• Act as a primary escalation point for high-severity alerts and incidents; lead coordinated response efforts across stakeholders.
• Serve as technical advisor in cybersecurity assessments, audits, and regulatory compliance activities (e.g., SOX, GDPR, CCPA).
• Apply and operationalize frameworks such as MITRE ATT&CK and NIST CSF to evaluate threat coverage and inform defense strategies.
• Mentor and train junior analysts and contribute to developing team SOPs, detection tuning, and knowledge sharing.
• Contribute to cross-functional security architecture reviews and proactively assess new systems for risk.

Qualifications:

• Bachelor’s degree in Cybersecurity, Information Technology, or a related field; equivalent work experience considered.
• 4–6 years of hands-on experience in security operations, detection engineering, and incident response.
• Deep expertise in SIEM and SOAR platforms, with strong proficiency in Sumo Logic or equivalent tools.
• Advanced experience managing vulnerability assessment tools (e.g., Qualys) and driving remediation strategy.
• Proficient with EDR platforms such as CrowdStrike, including threat detection and response at scale.
• Strong familiarity with cloud-native security practices in AWS and Azure environments.
• Demonstrated use of the MITRE ATT&CK framework for threat modeling and gap identification.
• Solid understanding of threat indicators, including IoCs, IoAs, IoMs, and ability to contextualize them within a business environment.
• Proficient in Python, PowerShell, or other scripting languages for detection tuning and automation.
• Applied knowledge of regulatory frameworks (SOX, GDPR, CCPA); experience supporting audit and compliance processes.
• Strong analytical and communication skills; able to distill complex security issues for diverse audiences.
• Preferred certifications: CySA+, CISSP, SSCP, GCIH, or equivalent.

The salary range for this position is $115,000-$130,000, which represents base pay only and does not include short-term or long-term incentive compensation. When determining base pay, as part of a final compensation package, we consider several factors such as location, experience, qualifications, and training.

Ensure your Fanatics job offer is legitimate and don’t fall victim to fraud. Fanatics never seeks payment from job applicants. Feel free to ask your recruiter for a phone call or other type of communication for interview, and ensure your communication is coming from a Fanatics email address (including @collectfanatics.com). For added security, where possible, apply through our company website at www.fanaticsinc.com/careers