Senior Security Engineer - Detection and Response

Fanatics

Hyderabad, Telangana, India

Posted on Jun 24, 2026
Fanatics is looking for an experienced, senior security engineer to join our Detection and Response team. The ideal candidate is well versed in incident response, passionate about engineering solutions to security problems, and enjoys driving process improvement. In this role, you will have incident response duties in addition to being responsible for the design and development of the detections and automated workflows that we need to scale our incident response capabilities. Our team is actively investing in expanding our detection and response capabilities with AI to increase our coverage and speed.
Information Security team members are given a great deal of autonomy in the pursuit of keeping Fanatics secure. A successful candidate will demonstrate a strong work ethic and superior communication skills, and is expected to be comfortable and effective working independently and as part of a larger, highly distributed team. We're looking specifically for people who place an emphasis on usable security. Fanatics is a fast-growing company and our security program needs to be able to keep pace with that growth while not disrupting innovation.
Responsibilities:
  • Respond to security incidents, perform investigations, conduct incident analysis, and articulate potential risks and remediation strategies to stakeholders.

  • Participate in a 24/7 on-call rotation with weekly shifts. This provides opportunities to see your detections and automated workflows at work.

  • Use detection engineering best practices to develop and continuously optimize alerts, allowing us to spend our cycles effectively and spot anomalies quickly.

  • Develop, test, and maintain SOAR workflows, integrations, and scripts to improve the speed and consistency of incident response.

  • Author and maintain documentation for all detections, automated response workflows, playbooks, integrations, and scripts.

  • Contribute to improving processes, procedures, and technologies used for detection and response, enabling us to improve after each incident.

  • Conduct proactive threat hunts and threat modeling exercises to identify and pinpoint potential security threats, drawing on insights into attacker TTPs to identify potential IOCs and incorporate findings into security controls.

  • Provide input on technical direction for detection and response projects, including tasking and reviewing the work of peer engineers, while mentoring team members.

  • Partner with leadership and peers to gather requirements, priorities, and enhancements, translating those needs into data, tooling, and integration requirements.

  • Work closely with other engineering teams to continuously provide requirements and use cases for enabling technologies including but not limited to SIEM, SOAR, EDR, Intrusion Detection Systems, Secure Web Gateway, DNS security, System Hardening, Identity Management, and PKI.

Experience and Skills:
  • Defensive practitioner who understands offensive security and the actual scenarios that lead to compromise.

  • Hands-on incident response experience, including managing complex investigations with many stakeholders.

  • Very strong working knowledge of adversary TTPs and experience using MITRE ATT&CK principles to detect and respond to security incidents.

  • Advanced experience with enterprise SIEM platforms including the design and development of detections, reports, and dashboards.

  • Ability to analyze endpoint, network, and application logs for anomalous events, including hands-on experience with data analysis, modeling, and correlation at scale.

  • Strong SOAR development skills and proven experience automating security response workflows in an enterprise environment.

  • Experience using scripting, REST APIs, and query languages for automation, alert enrichment, and detections.

  • Experience using penetration testing and ATT&CK framework tools to simulate adversarial behaviors and translate those behaviors into detections.

  • Strong conceptual knowledge of OS internals and understanding of malware functionality and persistence mechanisms sufficient to author endpoint detections directly from raw telemetry.

  • Exceptional communication skills and a proven track record of communicating effectively with internal and external stakeholders at all levels.

  • Robust analytical and problem-solving capabilities, with a keen eye for objectively evaluating security risks.

  • High level of commitment, energy, and creativity with the ability to work in a fast-paced, rapidly changing environment.

  • Meticulous attention to detail with strong organizational skills and ability to prioritize work effectively.

  • Experience evaluating and operating AI-assisted security tooling.

  • Experience working in a distributed, multi-region SOC.

  • Proficiency using and managing a variety of security tools and technologies, such as MFA, IDS/IPS, EDR, WAF, and Vulnerability Management.

  • Experience using CI/CD tools like GitLab or GitHub.

  • Experience working with detection-as-code.

  • Experience working in a hybrid environment that includes on-premises and cloud-based systems.

Desired Qualifications:
  • 8+ years of experience working in technical information security roles with a focus on security monitoring, threat detection, and incident response.

  • One or more of the following certifications is nice to have: GIAC GCIH, GCFA, GCIA, GREM, OSCP, or CISSP.

  • College degree in a related field (Information Security, Information Systems, Computer Science/Computer Engineering) or equivalent work experience.