Live Nation Entertainment is the world's leading live entertainment and eCommerce company, comprised of four market leaders: Ticketmaster.com, Live Nation Concerts, Front Line Management Group and Live Nation Network. Ticketmaster.com is the global event ticketing leader and one of the world's top five eCommerce sites, with over 26 million monthly unique visitors. Live Nation Concerts produces over 20,000 shows annually for more than 2,000 artists globally. Front Line is the world's top artist management company, representing over 250 artists. These businesses power Live Nation Network, the leading provider of entertainment marketing solutions, enabling over 800 advertisers to tap into the 200 million consumers Live Nation delivers annually through its live event and digital platforms. For additional information, visit www.livenation.com/investors.
The Cyber Defense and Incident Response team operates within the Corporate Information Security and Privacy Organization and is a critical function within Live Nation Entertainment. We specialize in detecting and responding to adverse events within our global network and provide snap response times to mitigate the impact of potential threats.
As a member of the Cyber Defense team, you will help provide the first layer of defense by monitoring and analyzing alerts triggered by our detection tools to intercept and prevent cyberattacks.
You will be the subject matter expert in identifying real cyber threats and perform necessary remediation actions to protect our global network.
You will work with a team that shares a common goal – continuously seeking ways to enhance current threat detections and response capabilities and assist with the development and refinement of our alerts across multiple tools.
We are growing our team to provide threat detection and incident response capabilities for Live Nation Entertainment; this is an exciting time to join!
WHAT THIS ROLE WILL DO
• Prepare for, detect, respond to and mitigate cyber threats, protecting Live Nation Entertainment data and assets utilizing industry information security best practices as a member of our Detection and Response Team that provides 24x7 defensive coverage
• Triage security incidents and perform in-depth analysis utilizing various resources such as cyber threat intelligence, intrusion detection systems, firewalls and other boundary protection devices
• Optimize cyber defenses with proven threat detections and intelligence, reducing noise and false positive alerting
• Escalate cybersecurity events according to playbooks and other defined processes
• Assists with data collection, threat hunting, containment and remediation of threats during incidents
• Conducts threat hunting activities based on internal and external threat intelligence
• Creates well-documented tickets to track alerts and incidents worked and manage tickets within the internal and external ticketing systems
• Responsible for creating and maintaining accurate records of documented processes, investigation and incident timelines and incident reports
• Assists with service requests from customers and internal teams
• Provides executive facing written updates and reports
• Assists in training/mentoring junior team members as needed
• Configure and manage security tools and platforms to optimize the intelligence value of alerts and logs
• Design and develop methodologies to highlight anomalous and adversary activities
• Develop dashboards within the tools for a tactical approach to analyzing relevant alerts and logs
• Manage relationships with business partners, management, vendors, and external parties
• Knowledgeable in business industry standard security incident response process, procedures, and lifecycle
• Stay up-to-date with emerging security threats and containment techniques, by collaborating with the Cyber Threat Intelligence team
• Participate in on-call weekly rotations with other team members (Required)
WHAT THIS PERSON WILL BRING
• 1+ years of experience in a security operation center (SOC) analyst role
• BA/BS in Computer Science, Information Security, or Information Systems or equivalent related work experience
• Technical Cyber Security Certification(s) required (min. 1): GSEC, GMON, GCED, GCDA, GDAT etc.
• Technical knowledge and experience with hardware & software as well as Windows/Linux/Mac Operating System
• Knowledge of threat analysis, incident response and network security
• Understanding of network architecture and security infrastructure placement
• Experience performing technical analysis of alerts from various cyber security detection tools
• Required to be available 24x7 during weekly on-call rotations
• Required to work various 12-hour shifts, including weekends and holidays, supporting the 24x7 Threat Detection and Response Team
• First-hand experience with SIEM platforms, enterprise intrusion prevention systems, endpoint detection and response tools, and other security products
• Ability to detect and defend against commonly-used attack tactics, techniques and procedures (TTPs) against known attack surfaces such as identity, email, endpoint, network and cloud
• Identify network and endpoint traffic activity to find patterns that warrant further investigation
• Effectively and quickly parse and filter large data sets, using scalable technologies such as Splunk, ELK Stack etc.
• Perform comprehensive analytics of current and historical logs to fill knowledge gaps
• Perform low-level as well as deep-dive analysis to identify potential threats, indicators of compromise (IOCs) and root cause analysis
• Comprehensive knowledge of relevant attack surfaces and security threats
• Provide superior internal and external customer support, with the ability to walk through remediation actions with non-technical audiences
• Strong sense of moral character, high-ethical standards and accountability
• Have a global mind-set for working with different cultures and backgrounds
• Highly investigative mindset with the ability to detect patterns across seemingly unrelated events
• Highly meticulous with exceptional attention to detail
• Analytical and strategic mindset to overcome obstacles and solve complex problems
• Strong organizational skills with the ability to complete tasks assigned in a timely manner
• Self-driven, self-disciplined to perform tasks and complete projects with little to no supervision with a high sense of duty
• Excellent English written and verbal communication skills; additional languages are a plus
• Exceptional ability to remain calm under stress
• Excellent customer service skills
• Flexible and responsive to changing situations
• Ability to work independently and as part of a team
BENEFITS & PERKS
Our motto is 'Taking Care of Our Own' through 6 pillars of benefits:
• HEALTH: Medical, Vision and Dental benefits for you and your family, including Flexible Spending Accounts (FSA) and Health Savings Accounts (HSAs)
• YOURSELF: Generous paid time off policy including paid holidays, sick time and paid days off for your birthday, Free concert tickets
• WEALTH: 401(k) program with company match, Stock Program
• FAMILY: New parent programs & support including caregiver leave and childcare cash, infertility support
• CAREER: Tuition reimbursement, student loan repayment, internal growth and development programs & trainings
• OTHERS: Volunteer time off, crowdfunding netwo