Full Time Job

Manager, Incident Response

Live Nation

Hollywood, CA 05-13-2022
  • Paid
  • Full Time
  • Senior (5-10 years) Experience
Job Description
Title: Manager, Incident Response

Location: Hollywood, CA

Live Nation Entertainment is the world's leading live entertainment and eCommerce company, comprised of four market leaders: Ticketmaster, Live Nation Concerts, Artist Nation and Live Nation Media & Sponsorship. Ticketmaster is the global event ticketing leader and one of the world's top five eCommerce sites, with over 26 million monthly unique visitors. Live Nation Concerts is the largest provider of live entertainment in the world promoting more than 40,000 shows and 100+ festivals annually for nearly 4,000 artists in over 40 countries. Artist Nation is the world's top artist management company, representing over 250 artists. These businesses allow Live Nation Media & Sponsorship to create strategic music marketing programs that connect over 1,000 brands with the 98 million fans that attend Live Nation Entertainment events each year.

The Team:

The Cyber Defense and Incident Response team operates within the Corporate Information Security and Privacy Organization and is a critical function within Live Nation Entertainment. We specialize in detecting and responding to adverse events within our global network and provide snap response times to mitigate the impact of potential threats.

The Role:

As the Manager of the Incident Response Team, you must have depth and breadth of knowledge across multiple IT and Information Security technologies to appropriately respond to cyber security threats across our global environment. You will need a strong comprehension of incident response plans and coordination of people and technology. Additionally, you will have an exceptional ability to build trusted working relationships with cross-functional teams. You will hold a highly influential position to manage, guide and train incident response analysts in geographically dispersed locations around the world. You have a keen ability to anticipate obstacles and make intelligent decisions to handle the high pressure and visibility of incident response. You will have the agility to maneuver within the complexities associated with Live Nation Entertainment's global reach as it relates to changes in policies and procedures. Ideally, you will continue the tradition of fostering a positive team culture.

Essential Duties & Responsibilities:
• Prepare, detect, respond and mitigate against cyber threats, protecting Live Nation Entertainment data and assets utilizing industry information security best practices
• Coordinate and lead global incident response efforts to address cyber security incidents caused by external threats that may involve nontraditional and extended working hours
• Responsible for all management activities related to the Incident Response team's operations
• Champion process documentation and lessons learned to improve team efficiency and consistency for scalable response operations to ensure continuous improvement
• Develop and deliver metrics that measure the team's efficiency and effectiveness to leadership
• Own and manage the Incident Response Team internal action playbooks and knowledgebase
• Plan, organize and strategize responses to incidents and obtain useful forensic information from the evidence submitted, taking into consideration the requirements by agency regulations, federal and state laws - and company policies as they apply
• Conduct incident and investigation post-mortem briefings, analysis, and reporting as required
• Perform forensic acquisitions utilizing forensic tools to investigate security matters, and develop fact-based reports
• Manage career development for team members, including training and mentoring, conducting performance reviews and exhibiting behaviors to be modeled by team members
• Drive a culture of inclusiveness and team unity to deliver exceptional customer services within the team and to our partner teams
• Research and stay current on the latest trends, best practices, and technology developments
• Participate in on-call weekly rotations with other team members (Required)

Additional Skills and Qualities Desired:

Technical Skills:
• Experience with incident response techniques, with the ability to manage small- and large-scale incidents that include members from technical, external and executive teams
• Practical understanding of varying degrees of incident response and knowing when to apply in-depth investigations and determine what data to collect at the various levels
• Digital forensic collection of host- and cloud-based data from global environments both remote and physical
• Network forensic analysis in real-time or historically, to assist with incident scoping of adversary activity and data discovery through packet captures
• Practical application of digital forensic investigative processes and experience with, but not limited to, forensic tools, methodologies, handling and archiving/destruction
• Expertise in malware identification and analysis and running containment and remediation playbooks while preserving forensic artifacts
• Identify opportunities to collect additional evidence based on the existing security tools within the network architecture
• Working knowledge of security best practices and common threats associated with M365, Azure, AWS and GCP
• Perform data analysis against large datasets utilizing various techniques to identify correlations across multiple data types including structured and unstructured data to identify adversary activity
• Track incidents from beginning to end with clear and well-organized documentation and provide high-level summary analysis to leadership during and after an incident

Qualifications:
• 8+ years of Information Technology experience
• Member of a Security Operations Center (SOC)
• Security Incident Response Analyst or supporting function
• eDiscovery or related role performing forensic functions
• 4+ years of Information Security and Incident Response or similar discipline
• 4+ years of Linux/Unix, Mac and Windows system analysis experience
• Technical Cyber Security Certification(s) required (min. 1): GCFE, GCFA, GNFA and EnCE - EnCase Certified Examiner
• BA/BS in Computer Science, Information Security, or Information Systems or equivalent related work experience
• Experience working in a large enterprise and management of a wide range of security tools such as IDS/IPS (network and host), advanced anti-malware (network and endpoint), DLP, encryption, anti-virus, firewalls, identity management, NAC, etc.
• Familiarity with security standards NIST Cyber Security Framework, NIST SP800-61 R2 and ISO/IEC 27035
• Deep understanding of security threats, vulnerabilities, and incident response
• Basic understanding of electronic discovery and analysis including legal requirements
• Manage relationships with business partners, management, vendors, and external parties
• In-depth technical knowledge of Windows and Unix/Linux based operating systems
• Strong organizational, multi-tasking, and time-management skills
• Strong negotiation, influence, mediation & conflict management skills
• Travel is at a minimum, but some domestic and international travel is required
• Must be willing to be available 24x7 during weekly on-call rotations
• Must be willing to work non-traditional hours which may occur over weekends and holidays in support of incidents as needed
• Exceptional ability to remain calm under stress
• Must be able to pass


Jobcode: Reference SBJ-g34k9x-3-225-221-151-42 in your application.

Company Profile
Live Nation

Live Nation Entertainment is the global leader in live entertainment and ticketing. Our world-class portfolio reaches all aspects of the live event and ticketing industry, from ground-breaking software in Ticketmaster, mix of legendary venues and restaurants in House of Blues, production leaders in Concerts, exceptional brand partnerships in Media & Sponsorship, and unparalleled team of artist managers in Artist Nation supported by diverse professionals in all facets of Corporate operations.