Threat Detection Analyst

Job Description

This is a hands-on security position working within the Information Security group and with the internal IT department at large. This position's core focus is to ensure consistent, measurable end-to-end delivery of security services. The successful candidate will work to develop and deploy capabilities ensuring enterprise systems and data are protected with expected security controls and tools to meet policy and compliance requirements. The candidate will have a solid conceptual understanding of modern infrastructure technology and security, who can specialize in cloud and virtual application controls and configuration monitoring with the ability to leverage this knowledge to protect a wide variety of IT assets and data. The candidate will have demonstrated strong capabilities in threat and data flow modeling and has shown success using these models to actively manage information security risks.

We are looking for candidates who have a passion for cyber security, threat detection, risk mitigation and response. You will be a key part of our efforts to build and support a defensible environment where we are able to detect, contain and respond quickly to threats and compromise in ways that serve to enable the business needs of a highly collaborative organization. The environment is fast-paced and commonly on the leading edge of technology, including early adoption of various cloud services along with the challenges of integrating those services into our security practices.

Job Description

Who We Are

Creative Artists Agency (CAA) is the leading entertainment and sports agency, with global expertise in filmed and live entertainment, digital media, publishing, sponsorship sales and endorsements, media finance, consumer investing, fashion, trademark licensing, and philanthropy. Distinguished by its culture of collaboration and exceptional client service, CAA's diverse workforce identifies, innovates, and amplifies opportunities for the people and organizations that shape culture and inspire the world. The trailblazer of the agency business, CAA was the first to build a sports business, create an investment bank, launch a venture fund, found technology start-up companies, establish a philanthropic arm, build a business in China, and form a brand marketing services division, among other innovations. Named Most Valuable Sports Agency by Forbes for eight consecutive years, CAA represents more than 2,000 of the world's top athletes in football, baseball, basketball, hockey, soccer, in addition to coaches, on-air broadcasters, and sports personalities and works in the areas of broadcast rights, corporate marketing initiatives, social impact, and sports properties for sales and sponsorship opportunities. Founded in 1975, CAA is headquartered in Los Angeles, and has offices in New York, Nashville, Memphis, Chicago, Miami, London, Munich, Geneva, Stockholm, Shanghai, and Beijing, among other locations globally.

Responsibilities

Day-to-day work will include general security operations (as opposed to compliance) plus a more specialized focus on monitoring/validating that security controls are in place and effective in a cloud first distributed network. Knowledge of automation, identity management, vulnerability management and/or threat intelligence preferred.

This is a capable team, with good work/life balance, a cool mission, and the ability to shape your own role over time. An analyst who is self-starting, flexible, and curious will thrive in this environment.
• Responsible for the development of end-to-end security monitoring and reporting; ensuring expected controls are in place and performing as designed.
• Evaluate new and emerging threats against existing security controls; ensuring controls remain effective to changing business and threat landscapes
• Crafting searches and logic to detect anomalous behavior in user, network, host and cloud activity.
• Create meaningful visualizations and dashboards to help contextualize data.
• Develop, enhance, and maintain a Risk Register
• Support vulnerability management by identifying and tracking vulnerabilities across CAA's environment.
• Support 3rd party risk management and data security by automating and correlating risks identified from security questionnaires with controls and remediation efforts.

The preferred applicant will have 3+ years experience in some mix of the of the following skills:
• Highly proficient at cloud-based applications, containers, virtual machines, and with a particular emphasis on configuration, monitoring and control validation.
• Professional working familiarity with security operations, including various IT platforms, applications, threat intelligence and security in a distributed network environment.
• Interest in automating tasks, developing playbooks and refining processes.
• Experience building scripts, tools, and methodologies to detect and respond to anomalous behavior.
• Experience with DLP, Data security / mapping and (external) supply chain/vendor risk.
• Knowledge of industry recognized security and analysis frameworks (MITRE ATT&CK, NIST RMF/CIS, kill Chain, Crown Jewels Assessment, etc.).
• Ability to identify meaningful metrics, diagrams and visualization approaches that tell our story to peer technical groups and senior management.
• Experience with O365, Demisto, Tenable, Splunk, CrowdStrike Falcon, Azure, AWS, GitHub, Kubernetes, and VMWare.

Environment
• You can work 100% remote with occasional travel to company meetings and events.
• We have a service-oriented collaborative environment where teamwork and care and helping others to succeed are highly valued.

Jobcode: Reference SBJ-rjv072-3-16-70-101-42 in your application.