Manager, Incident Response

Job Description

Live Nation Entertainment is the world's leading live entertainment and eCommerce company, comprised of four market leaders: Ticketmaster, Live Nation Concerts, Artist Nation and Live Nation Media & Sponsorship. Ticketmaster is the global event ticketing leader and one of the world's top five eCommerce sites, with over 26 million monthly unique visitors. Live Nation Concerts is the largest provider of live entertainment in the world promoting more than 40,000 shows and 100+ festivals annually for nearly 4,000 artists in over 40 countries. Artist Nation is the world's top artist management company, representing over 250 artists. These businesses allow Live Nation Media & Sponsorship to create strategic music marketing programs that connect over 1,000 brands with the 98 million fans that attend Live Nation Entertainment events each year.

The Team:

The Cyber Defense and Incident Response team operates within the Corporate Information Security and Privacy Organization and are a critical function within Live Nation Entertainment. We specialize in detecting and responding to adverse events within our global network and provide snap response times to mitigate the impact of potential threats.

The Role:

As the Major Incident Manager of the Incident Response Team, you must have knowledge across multiple IT and Information Security concepts to respond to cyber security threats swiftly and succinctly across our global environment. You will be in command of multiple major incidents, coordinating and leading the necessary people and technologies through the incident lifecycle. You are results-oriented and can work with a high degree of resilience, integrity, responsibility, attention to detail and execution. You are confident and manage ambiguity well, and are comfortable when handling demanding, high-visibility incidents. You will also be in charge of communicating during and after the incident, conveying clear, concise messages to technical and non-technical stakeholders in accordance with the communication strategy. You have a keen ability to anticipate obstacles and questions, aiming to posture the Incident Response team proactively where possible and you will have the agility to maneuver within the complexities associated with Live Nation Entertainment's global reach as it relates regulations, policies and procedures. Additionally, you will have an exceptional ability to build trusted-working relationships between cross-functional teams and vendors, seeking to continuously improve the shared processes and feedback received. You will hold a highly influential position, providing skills assessment, training, and performance management of the global incident response analysts. You are eager to lead, fostering a culture of positivity, transparency and continuous improvement.

What This Role Wil Do:
• Act as Major Incident Manager for all Cyber Security related incidents including directing and managing all activities related to the Incident Response Process.
• Works closely with the Security Assurance, Cyber Threat Intel, and Cyber Defense teams to proactively prepare, detect, and mitigate against cyber threats utilizing industry information security best practices.
• Accountable for new process documentation, documentation updates, and continuous improvement activities as they relate to the Incident Response and communications processes.
• Utilize team metrics to drive continuous improvement activities, projects, and team productivity.
• Collaborate with sister team to streamline processes and provide support to execute Information Security OKRs.
• Own and manage the Incident Response Team internal action playbooks and knowledgebase, ensuring it is kept up-to-date and relevant to the changing cyber landscape
• Plan, organize and strategize responses to incidents and obtain useful forensic information from the evidence submitted, taking into consideration the requirements by agency regulations, federal and state laws and company policies as they apply.
• Drive incidents to resolution while ensuring timely communications in accordance with Communication Strategy.
• Conduct Lessons Learned briefings and use the findings to update processes, provide reports, close security gaps, and provide handoff tuning and monitoring actions team as appropriate.Manage career development for team members, including training and mentoring, conducting performance reviews and exhibiting behaviors to be modeled by team members.
• Champion strategic vision and roadmap for future Incident Response and CISP initiatives.
• Plan and manage projects and delegated tasks as assigned by Leadership.
• Drive a culture of inclusiveness and team unity to deliver exceptional customer services within the team and to our partner teams.
• Research and stay current on the latest trends, best practices, and technology developments.
• Manage and participate in on-call weekly rotations (required)

What This Person Will Bring:
• Understanding of major cyber security incident practices and how to analyze and use data gathered during the investigation to aid in the decision-making process
• The ability to translate the technical information into easily interpreted content for non-technical personnel
• Experienced in managing small- and large-scale incidents that include members from technical, external and executive teams
• Practical understanding of incident response and knowing when to apply in-depth investigations and determine what data to collect at the various levels
• Understanding of digital forensic collection
• Understanding of network forensic analysis in real-time or historically, to assist with incident scoping of adversary activity and data discovery through packet captures
• Practical application of digital forensic investigative processes
• Understand malware identification and analysis
• Running containment and remediation playbooks
• Identify opportunities to collect additional evidence based on the existing security tools within the network architecture
• Working knowledge of security best practices and common threats associated with cloud computing
• Perform data analysis against large datasets utilizing various techniques to identify correlations across multiple data types including structured and unstructured data to identify adversary activity
• Track incidents from beginning to end with clear and well-organized documentation and provide high-level summary analysis to leadership during and after an incident

Qualifications:
• 4+ years of Information Technology management experience
• 4+ years of Information Security experience
• 4+ years of Linux/Unix, Mac and Windows system analysis experience
• Technical Cyber Security Certification(s): GCFE, GCFA, GFNA and EnCE - EnCase Certified Examiner
• BA/BS in Computer Science, Information Security, or Information Systems or equivalent related work experience
• Experience working in an enterprise and management of a wide range of security tools such as IDS/IPS (network and host), advanced anti-malware (network and endpoint), DLP, encryption, anti-virus, firewalls, identity management, NAC, etc.
• Familiarity with security standards NIST Cyber Security Framework, NIST SP800-61 R2 and ISO/IEC 27035
• Understanding of security threats, vulnerabilities, and incident response
• Basic understanding of electronic discovery and analysis including legal requirements
• Technical knowledge of Windows an

[more...]

Jobcode: Reference SBJ-g34k9x-18-118-140-108-42 in your application.