
Full Time Job

Cyber Threat Intel Engineer

Ticketmaster

West Hollywood, CA 05-10-2022
 
  • Paid
  • Full Time
  • Mid (2-5 years) Experience
Job Description
Live Nation Entertainment is the world's leading live entertainment and eCommerce company, comprised of four market leaders: Ticketmaster.com, Live Nation Concerts, Front Line Management Group and Live Nation Network. Ticketmaster.com is the global event ticketing leader and one of the world's top five eCommerce sites, with over 26 million monthly unique visitors. Live Nation Concerts produces over 20,000 shows annually for more than 2,000 artists globally. Front Line is the world's top artist management company, representing over 250 artists. These businesses power Live Nation Network, the leading provider of entertainment marketing solutions, enabling over 800 advertisers to tap into the 200 million consumers Live Nation delivers annually through its live event and digital platforms. For additional information, visit www.livenation.com/investors.

THE TEAM

The Cyber Defense and Incident Response team operates within the Corporate Information Security and Privacy Organization and is a critical function within Live Nation Entertainment. We specialize in detecting and responding to adverse events within our global network and provide snap response times to mitigate the impact of potential threats.

THE ROLE

As a member of the Cyber Defense and Incident Response team, you will help integrate and apply CTI knowledge of cybersecurity adversary activity into Live Nation Entertainment's detection and response systems and processes. You will have a thorough understanding of the cyber threat landscape and an exceptional ability to conduct trending and correlation analysis of various cyber intel sources for the purposes of indicator collections, attributions and establishing countermeasures to proactively defend against threat actors.

You will work with a team that shares a common goal – continuously seeking ways to protect Live Nation Entertainment from threats, which will include supporting detection and incident response through intrusion analysis and providing the most up to date intelligence.

We are growing our team to provide threat detection and incident response capabilities for Live Nation Entertainment. This is an exciting time to join!

WHAT THIS ROLE WILL DO
• Track day-to-day emerging cyber events and identify those with the greatest impact on our customers including but not limited to cybercrime, geopolitical escalations influencing cyber activity, and global trends which may affect Live Nation Entertainment
• Work independently and collaboratively to gather, analyze and disseminate intelligence information and brief internal stakeholders and/or leadership as necessary
• Develop indicators of compromise (IOCs) signatures and analytics to optimize cyber defenses for rapid detection capabilities and to reduce noise and false positive alerting
• Perform ongoing threat hunting and content development to enhance and keep up-to-date current threat detections across various detection and prevention tools
• Escalate cybersecurity events according to playbooks and other defined processes
• Assist with data collection, threat hunting, containment, and remediation of threats during incidents
• Develop and maintain new technical and non-technical sources of information, threat research, threat profile development, analysis, briefings, and security awareness notifications
• Establish a threat modeling methodology to identify, classify, prioritize and report on cyber threats using a structured approach
• Design, develop and maintain a threat intel database as well as develop an IOC lifecycle management for onboarding and offboarding indicators from current detection tools
• Develop a portfolio of historical threat activity, trends and common attack vectors to detect future incidents
• Contribute to continuous improvement and enhancements of current processes and methodologies
• Participate in on-call weekly rotations with other team members (Required)

WHAT THIS PERSON WILL BRING
• 2+ years of experience as a Cyber Threat Intelligence Analyst, conducting intelligence research with a focus on cyber threat analysis or a combination of intelligence and research with threat detection or incident response work
• BA/BS in Computer Science, Information Security, or Information Systems or equivalent related work experience
• Technical Cyber Security Certification(s) required (min. 1): GCTI, GCIA, GDSA, GSEC, GCDA, GDAT etc.
• Experience with programming & scripting languages: Python, JavaScript, Java, PHP, and HTML
• Extensive experience researching, collecting, analyzing and interpreting data
• Exceptional verbal communication and technical writing skills with an ability to effectively interact with and convey information to people who possess varying levels of understanding on applicable topics
• Must be willing to be available 24x7 during weekly on-call rotations
• Must be willing to work non-traditional hours which may occur over weekends and holidays in support of incidents as needed
• Must be able to pass a criminal background check and a US government security clearance if requested
• Exhibit a deep knowledge of adversary techniques and emerging threats that could have a direct or indirect impact on business operations, technology infrastructure and customer trust, with demonstrated application of CTI principles to include adversary methodologies and TTPs, IOCs, and malware analysis
• Experience with different threat types: ransomware, bots, crypto miners, RATs, info stealers, trojans, malicious JavaScript, phishing sites, fake profiles, man-in-the-middle and others
• Technical know-how on extracting threat data (IPs, domains, ports, malware, and malicious communications) from multiple sources
• Experience in investigating threats, utilizing OSINT and other research techniques to uncover threat actors and their TTPs while providing context to threats and reaching conclusions from incomplete or missing data
• Ability to quickly learn and develop proficiency in technical and analytical tools to perform intrusion, link, and pattern analysis
• Experience applying CTI expertise to drive impactful outcomes in cross-domain areas including but not limited to finance, disinformation, targeting, and space
• Ability to apply attack frameworks to tactical intelligence
• Manage relationships with business partners, management, vendors, and external parties
• Travel is at a minimum, but some domestic and international travel is required.
• Exceptional ability to remain calm under stress
• Strong sense of moral character, high-ethical standards and accountability
• Have a global mind-set for working with different cultures and backgrounds
• Highly meticulous with exceptional attention to detail
• Analytical and strategic mindset to overcome obstacles and solve complex problems
• Strong organizational skills with the ability to complete tasks assigned in a timely manner
• Self-driven, self-disciplined to perform tasks and complete projects with little to no supervision with a high sense of duty
• Excellent English written and verbal communication skills; additional languages are a plus
• Excellent customer service skills
• Flexible and responsive to changing situations
• Ability to work independently and as part of a team
• Analysts must have excellent research and global monitoring capabilities, an intuitive understanding of international security ramifications as well as strong communication abilities



Jobcode: Reference SBJ-g349m5-3-145-94-251-42 in your application.

Company Profile
Ticketmaster

Live Nation Entertainment is the global leader in live entertainment and ticketing. Our world-class portfolio reaches all aspects of the live event and ticketing industry, from ground-breaking software in Ticketmaster, mix of legendary venues and restaurants in House of Blues, production leaders in Concerts, exceptional brand partnerships in Media & Sponsorship, and unparalleled team of artist managers in Artist Nation supported by diverse professionals in all facets of Corporate operations.