The Compliance Specialist will work on the Enterprise Compliance Support team in the Information Security organization. The role will provide day-to-day operational support for the security compliance programs. This individual will be involved in multiple areas of security compliance methodologies including supporting and implementing improvements on current and future processes with direct oversight. The role will work closely with other IS and IT teams as well as business stakeholders for collaboration as required. The successful candidate will apply existing experience to look at business processes with a fresh eye. After learning the role, they should feel comfortable proposing strategies to improve process efficiencies. This function is a main point of contact for internal customers. - Think analytically, solve problems, make decisions, and collaborate and work with a team in a fast-paced environment. - Participate in meetings with technical and business stakeholders to elicit business and functional requirements and business process analysis. - Create SSP system-specific narratives that are detailed about how each system is meeting each SSP control - Gathers and organizes metrics and other information to properly present escalations to leadership. - Coordinating with internal stakeholders with using well-developed communication skills. - Develop and implement SOPs documenting processes and services. - Works within teams to implement value-added recommendations to strengthen internal processes and improve operating processes. - Performs other analytic and provisioning duties as assigned. What You Need: - Bachelor’s Degree in Computer Science and 3 years work experience or high school degree with 7+ years in equivalent work experience in IT, cybersecurity, risk, or other disciplines. - Familiarity with various security related NIST publications (e.g., SP 800-53, SP 800-171, etc.) - Familiarity with ServiceNow, Office Suite. - Strong communication skills. - Ability to work independently. Bonus If You Have: - Experience writing technical documentation - CompTIA Security+, Azure Fundamentals, Network+, or A+ certifications or equivalent - Active Directory/Azure Active Directory As required by local law, Accenture Federal Services provides reasonable ranges of compensation for hired roles based on labor costs in the states of California, Colorado, Hawaii, Illinois, Maryland, Massachusetts, Minnesota, New Jersey, New York, Washington, Vermont, the District of Columbia, and the city of Cleveland. The base pay range for this position in these locations is shown below. Compensation for roles at Accenture Federal Services varies depending on a wide array of factors, including but not limited to office location, role, skill set, and level of experience. Accenture Federal Services offers a wide variety of benefits. You can find more information on benefits here. We accept applications on an on-going basis and there is no fixed deadline to apply. The pay range for the states of California, Colorado, Hawaii, Illinois, Maryland, Massachusetts, Minnesota, New Jersey, New York, Washington, Vermont, the District of Columbia, and the city of Cleveland is: $91,300—$184,500 USD What We Believe As a company wholly dedicated to serving the US federal government, we bring together the best talent to help reinvent how federal agencies operate and deliver greater value for their mission and the American people. We have an unwavering commitment to creating a culture in which all our people are respected, feel a sense of belonging, and have equal opportunity. As a business imperative, every person at Accenture Federal Services has the responsibility to create and sustain a culture where everyone feels welcomed and included. This is grounded in our core values and our experience that hiring and developing great people who reflect different perspectives, experiences, and backgrounds is key to driving innovation and delivering the results that our clients and the country count on. Equal Employment Opportunity Statement We believe that no one should be discriminated against because of their differences. All employment decisions shall be made without regard to age, race, creed, color, religion, sex, national origin, ancestry, disability status, veteran status, sexual orientation, gender identity or expression, genetic information, marital status, citizenship status or any other basis as protected by federal, state, or local law. Our rich diversity makes us more innovative, more competitive, and more creative, which helps us better serve our clients and our communities. For details, view a copy of the Accenture Federal Services Equal Opportunity Policy Statement. Accenture Federal Services is an Equal Employment Opportunity employer. Additionally, as an Affirmative Action Employer for Veterans and Individuals with Disabilities, Accenture Federal Services is committed to providing veteran employment opportunities to our service men and women. Requesting An Accommodation Accenture Federal Services is committed to providing equal employment opportunities for persons with disabilities or religious observances, including reasonable accommodation when needed. If you are hired by Accenture Federal Services and require accommodation to perform the essential functions of your role, you will be asked to participate in our reasonable accommodation process. Accommodations made to facilitate the recruiting process are not a guarantee of future or continued accommodations once hired. If you are being considered for employment opportunities with Accenture Federal Services and need an accommodation for a disability or religious observance during the interview process or for the job you are interviewing for, please speak with your recruiter. Other Employment Statements Applicants for employment in the US must have work authorization that does not now or in the future require sponsorship of a visa for employment authorization in the United States. Candidates who are currently employed by a client of Accenture Federal Services or an affiliated Accenture business may not be eligible for consideration. Job candidates will not be obligated to disclose sealed or expunged records of conviction or arrest as part of the hiring process. The Company will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. Additionally, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the Company's legal duty to furnish information. California requires additional notifications for applicants and employees. If you are a California resident, live in or plan to work from Los Angeles County upon being hired for this position, please click here for additional important information.

• Posición: Chief Information Security Officer • Enfoque: Gobernanza, Gestión de Riesgos y Continuidad del Negocio. • Buscar un(a) CISO con trayectoria en diseño de arquitecturas resilientes en AWS y marcos de gobernanza (NIST, ISO 27001) para una Fintech que se encuentra en fase de crecimiento. La misión principal será estructurar e implementar el Sistema de Gestión de Seguridad de la Información bajo estándares como ISO 27001, asegurando que la operación nunca se detenga. • Tomar decisiones de alto nivel sobre la Política de Seguridad de la Información y su contenido. • Aprobar el resultado de las revisiones de seguridad relevantes. • Aprobar las solicitudes de excepciones que presenten valor de riesgo medio o bajo relacionadas con el Cuerpo Normativo de Seguridad de la Información. • Coordinar anualmente una valoración de riesgo para identificar nuevas amenazas y vulnerabilidades de los activos además de identificar los controles apropiados para mitigar cualquier nuevo riesgo. • Verificar que la Política de Seguridad de la Información, las Normas, los Procedimientos, Documentos Técnicos y Anexos sean revisados al menos una vez al año y de manera que los cambios en los objetivos del negocio o el entorno de riesgos queden reflejados. • Asegurarse que los terceros con quien se comparte información sean manejados de acuerdo a los estándares definidos por la compañia. • Convocar el Comité de Seguridad de la Información con objeto de informar acerca de los aspectos más relevantes de seguridad a la Dirección Corporativa. • Mantener actualizado y distribuir el Plan de Respuesta ante Incidentes • Confirmar anualmente con las diferentes unidades del negocio que cualquier nuevo canal aceptado para recibir tarjetas de crédito o débito ha sido incluido en el alcance del proceso. Cualquier cambio en el alcance debe ser actualizado en la Política de Seguridad de la Información. • Mantener actualizada la documentación de riesgos y activos de seguridad de la información. • Cuando el objeto está relacionado a Protección de Datos, deberá: o Fijar y aprobar anualmente los objetivos de nivel de riesgo de seguridad aceptable: Los objetivos deben ser vigentes y estar alineados con el propósito y la estrategia de la organización, ser medibles o estimables y coherentes con las presentes directrices. Se deberá verificar de forma anual la evolución de dichos objetivos. o Identificar a los Propietarios de los riesgos: pues son los conocedores de los riesgos inherentes y significativos del área y los activos que es responsable. • Definir y aprobar los niveles de riesgo de la organización: así como los planes de tratamiento de riesgo, asumiendo las funciones de propietario del riesgo. • Aprobar las medidas correctivas resultantes del análisis de riesgos formalizadas en el plan de tratamiento de riesgos. o • Proporcionar los recursos necesarios para asegurar el cumplimiento de los objetivos de seguridad. • Liderar el ciclo de vida de cumplimiento de PCI-DSS, desde el escaneo de vulnerabilidades hasta la auditoría anual de cumplimiento. • Establecer políticas de seguridad alineadas con el cumplimiento regulatorio. • Supervisar la implementación de tecnologías de tokenización, cifrado punto a punto. • Garantizar la seguridad en el ciclo de vida de desarrollo (backend y frontend). • Monitorear patrones de tráfico para detectar intentos de inyección, sniffing o ataques de denegación de servicio dirigidos a la pasarela.

• Dive into cybersecurity with hands-on training and real-world projects. • Work with a global team to protect applications, networks, and organizations. • Develop technical and problem-solving skills that set you apart.

About Us Fanatics is building a leading global digital sports platform. We ignite the passions of global sports fans and maximize the presence and reach for our hundreds of sports partners globally by offering products and services across Fanatics Commerce, Fanatics Collectibles, and Fanatics Betting & Gaming, allowing sports fans to Buy, Collect, and Bet. Through the Fanatics platform, sports fans can buy licensed fan gear, jerseys, lifestyle and streetwear products, headwear, and hardgoods; collect physical and digital trading cards, sports memorabilia, and other digital assets; and bet as the company builds its Sportsbook and iGaming platform. Fanatics has an established database of over 100 million global sports fans; a global partner network with approximately 900 sports properties, including major national and international professional sports leagues, players associations, teams, colleges, college conferences and retail partners, 2,500 athletes and celebrities, and 200 exclusive athletes; and over 2,000 retail locations, including its Lids retail stores. Our more than 22,000 employees are committed to relentlessly enhancing the fan experience and delighting sports fans globally. About the Team Launched in 2021, Fanatics Betting and Gaming is the online and retail sports betting subsidiary of Fanatics, a global digital sports platform. The Fanatics Sportsbook is available to 95% of the addressable online sports bettor market in the U.S. Fanatics Casino is currently available online in Michigan, New Jersey, Pennsylvania and West Virginia. Fanatics Betting and Gaming operates twenty-two retail sports betting locations, including the only sportsbook inside an NFL stadium at Northwest Stadium. Fanatics Betting and Gaming is headquartered in New York with offices in Denver, Leeds and Dublin. As a SECURITY ENGINEER III at Fanatics Betting & Gaming (FBG), your knowledge and experience in designing, implementing and maintaining security measures will help the organization stay ahead of security risks and protect company assets. This role sits within the Information Security department and reports to the Manager, Security Engineering. Responsibilities: - Continuous evaluation of several security tools including but not limited to Data Loss Prevention, Vulnerability Management, Identity and Access Management, Web Application Firewall, Email Protection and Endpoint Protection. - Evaluate and implement a Security, Orchestration, Automation and Response software. - Develop and maintain a library of scripts to be leveraged to automate threat hunting, detection, and digital forensics efforts. - Design, implement and refine security detection mechanisms to improve operational efficiency and observability. - Effectively maintain a cloud based SIEM by ensuring relevant logs are ingested and alerts are tuned. - Tasked with leveraging expertise in the area of incident response, this role may also function as the lead incident responder. - Stay up-to-date on the latest threats, vulnerabilities, and security trends to ensure that our organization is prepared to address emerging threats. - Conduct security awareness training by conducting internal phishing campaigns. - Collaborate with internal teams to ensure that secure implementation guidelines are followed. - Participate in an on-call rotation to provide 24/7 support for critical incident escalations. Qualifications: - Minimum of 5 years of experience as a security engineer or in a similar role - Proficient in incident response, threat hunting and cloud security, with a focus on AWS. - Proficient in purple team operations with expertise in offensive and defensive strategy. - Experience with identity management protocols (e.g., OAuth, SAML, OpenID Connect). - Experience automating incident response playbooks leveraging SOAR solutions. - Experience with Cloudflare Datadog, Wiz and Tines is preferred. - Ability to communicate effectively with technical and non-technical stakeholders - Proven experience drafting documentation such as standards, policies and architecture diagrams. - Ability to collaborate and work in a team environment - Demonstrated experience leveraging Infrastructure as code tools such as Terraform or Ansible is a plus. - Foundational knowledge in agile methodologies with ability to successfully collaborate with multiple stakeholders. - Experience with scripting languages such as Python or Bash is required - Relevant certifications such as OSCP, SSCP, or GSEC are a plus Salary Range: $147,250 - $193,750 USD per year The base salary for this role is based on job-related knowledge, skills, and experience and may vary depending on the successful candidate’s geographic location. Depending on the role, your interview and onboarding experience may include in-person components, such as onsite interviews or Launching into Better: LIVE—a multi-day cultural immersion in New York City for full-time, non-seasonal hires. These sessions are designed to build connection and bring our culture to life, though specific travel and participation requirements will be confirmed based on your role and location. Your recruiter will provide clear guidance at each stage of the process. For information about our benefits, please visit https://benefitsatfanatics.com/ Ranges will change based on country and state of residence, which are reflected in Geographical Zones defined by Fanatics Betting and Gaming. The range incorporates all of our Geographical Compensation Zones and is subject to change as the Zone associated with the actual offer is confirmed. In addition to the base and bonus, full-time employment, and more. For information about our benefits, please visit https://benefitsatfanatics.com/ Salary Range $147,250—$193,750 USD