Manager, Cyber Defense

Job Summary:WHO ARE WE?Live Nation Entertainment is the world’s leading live entertainment and eCommerce company, comprised of four market leaders: Ticketmaster, Live Nation Concerts, Artist Nation and Live Nation Media & Sponsorship.  Ticketmaster is the global event ticketing leader and one of the world’s top five eCommerce sites, with over 26 million monthly unique visitors.  Live Nation Concerts is the largest provider of live entertainment in the world promoting more than 40,000 shows and 100+ festivals annually for nearly 4,000 artists in over 40 countries.  Artist Nation is the world’s top artist management company, representing over 250 artists.  These businesses allow Live Nation Media & Sponsorship to create strategic music marketing programs that connect over 1,000 brands with the 98 million fans that attend Live Nation Entertainment events each year.WHO ARE YOU?Passionate, motivated and driven with an entrepreneurial spirit.  Resourceful, innovative, forward thinking and committed. At Live Nation Entertainment, our people embrace these qualities, so if this sounds like you then please read on! THE TEAMThe Cyber Defense and Incident Response team operates within the Corporate Information Security and Privacy Organization and are a critical function within Live Nation Entertainment.  We specialize in detecting and responding to adverse events within our global network and provide snap response times to mitigate the impact of potential threats.THE ROLEAs the Manager of the Cyber Defense team, you will help provide the first layer of defense by continuously seeking way to enhance current detections by leveraging innovative automation techniques that improve detection and response times to intercept and defend against cyberattacks.You will be the subject matter expert in all things related to threat detection and response.  Learning how the adversary operates and their key objectives is imperative to protecting and defending against damage to mission critical systems.  Detecting these precursors allow the team to respond quickly to reduce the risk to the organization.You will work with a team that shares a common goal – continuously seeking ways to enhance threat detection and response by developing a robust team of SMEs that share the ownership of mission and duty to protect the global organization. We are growing our team to provide threat detection and incident response capabilities for Live Nation Entertainment, this is an exciting time to join!WHAT THIS PERSON WILL DO:Prepare, detect, respond and mitigate against cyber threats, protecting Live Nation Entertainment data and assets utilizing industry information security best practicesLead a geographically dispersed team of technical detection and response analysts who are responsible for monitoring, detecting, triaging, and responding to security events and incidents in Live Nation Entertainment’s 24x7 global networkImplementation of detection methodologies with a solid understanding of how to baseline network traffic and monitor for anomalous activity for early detection and mitigationResponsible for all management activities related to the Threat Detection and Response team’s operations including people management, training, and mentoring of direct reportsLeverage automation and orchestration solutions to automate repetitive tasksNetwork, collaborate and engage multiple internal and external teams and subject matter experts to address cyber security issues to reduce overall organizational riskContribute to and support team projects and strategic initiatives, including improving current workflows and processes to mature our monitoring and response capabilitiesAssist with incident response as events are escalated to include threat hunting, data collection/analysis, triage, containment, remediation and documentationChampion process documentation and lessons learned to improve team efficiency and consistency for scalable response operations to ensure continuous improvement of internal playbooksDevelop and deliver metrics that measure the team’s efficiency and effectiveness to leadershipManage career development for team members, including training and mentoring, conducting performance reviews and exhibiting behaviors to be modeled by team membersDrive a culture of inclusiveness and team unity to deliver exceptional customer services within the team and to our partner teamsResearch and stay current on the latest trends, best practices, and technology developmentsParticipate in on-call weekly rotations with other team members (Required)WHAT THIS PERSON WILL BRINGIdentification and understanding how malware and threat actors operate at a functional level as well as understanding their main objectives to reduce the potential spread and impactDemonstrate knowledge of relevant data sources to log in the SIEMUtilize threat detection and other tools to analyze event logs to prevent and detect adversary attacksExperience with containment, eradication and remediation while preserving forensic artifacts for analysisPractical level of understanding of security benchmarks and hardening of devices to reduce their attack surface both physical and cloud devicesInnovative Content Development. Develop detection rules that perform aggregate and correlated activity detections across the security stack leveraging API automation integrationsExperience with escalating and participating in small- and large-scale incident response activities to include threat hunting, containment and remediationTechnical Savvy.  Must be able to design and implement dashboards, reports and queries using various query and scripting languagesAbility to reverse engineer how a network or endpoint was compromised to develop new detections to prevent future attacks of the sameConsistent and proven ability to generate well-organized notes at a high-level and ability to document timelines of events and incidents in the internal ticketing systemTECHNICAL QUALIFICATIONSBA/BS in Computer Science, Information Security, or Information Systems or equivalent related work experience8+ years of Information Technology experienceMember of a Security Operations Center (SOC)Security Incident Response Analyst or supporting function (2 years minimum)eDiscovery or related role performing forensic functions2+ years of Information Security and Incident Response or similar discipline2+ years of Linux/Unix, Mac and Windows system analysis experienceTechnical Cyber Security Certification(s) required (min. 1): GCED, GCDA, GDAT etc.Experience working in a large enterprise and management of a wide range of security tools such as IDS/IPS (network and host), advanced anti-malware (network and endpoint), DLP, encryption, anti-virus, firewalls, identity management, NAC, etc.Familiarity with security standards NIST Cyber Security Framework, NIST SP800-61 R2 and ISO/IEC 27035Experience with threat modeling concepts such as threat indicators, threats actors and attack surfacesUnderstanding of network architecture and security infrastructure placementExperience with SIEM technologies (i.e. ArcSight, Splunk, Elk Stack)In-depth technical knowledge of Windows and Unix/Linux based operating systemsTravel is at a minimum, but some domestic and international travel is requiredMust be willing to be available 24x7 during weekly on-call rotationsMust be willing to work non-traditional hours which may occur over weekends and holidays in support of incidents as neededExceptional ability to remain calm under stressMust be able to pass a criminal background check and a U.S. government security clearance if requestedIDEAL PERSONAL CHARACTERISTICSStrong sense of moral character, high-ethical standards, servant-leader and accountabilityVery strong leadership skills with the ability to maintain team composure during times of high stressHighly meticulous with exceptional attention to detailAnalytical and strategic mindset to overcome obstacles and solve complex problemsHave a global mindset for working with different cultures and backgroundsStrong organizational and time-management skills with the ability to complete tasks assigned in a timely mannerAbility to develop team projects and execute strategic initiatives to completionStrong negotiation, influence, mediation & conflict management skillsEmbraces mentorship, knowledge sharing and teaming skillsExcellent English written and verbal communication skills, additional languages is a plusExcellent customer service skills requiredFlexible and responsive to changing situationsSelf-driven, self-disciplined to perform tasks and complete projects with little to no supervision with a high sense of dutyIf the above description sounds like you and fits your background, apply online at http://www.livenation.com/careers/index.html to join the Live Nation Entertainment team today!Applicants for employment in the U.S. must possess work authorization, which does not require sponsorship by the employer for a visa.EQUAL EMPLOYMENT OPPORTUNITYLive Nation Entertainment strongly supports equal employment opportunity for all applicants regardless of race, color, religion, sex, gender identity, pregnancy, national origin, ancestry, citizenship, age, marital status, physical disability, mental disability, medical condition, sexual orientation, genetic information, or any other characteristic protected by state or federal law.HIRING PRACTICESThe preceding job description has been designed to indicate the general nature and level of work performed by employees within this classification. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities, and qualifications required of employees assigned to this job.Live Nation Entertainment recruitment policies are designed to place the most highly qualified persons available in a timely and efficient manner. Live Nation Entertainment may pursue all avenues available, including promotion from within, employee referrals, outside advertising, employment agencies, Internet recruiting, job fairs, college recruiting and search firms.This job description is a summary of duties that are expected to be performed. Duties outlined on this job description may not be all-inclusive, and can be modified at any time if requested by management.#LI-EF1#LI-RemoteLos Angeles,CA#LI-RemoteUnitedStates----------The expected compensation for this position in California is:$124,000.00 USD - $155,000.00 USD**Please note that the compensation information provided is a good faith estimate for this position only and is provided pursuant to the California Salary Transparency in Job Advertisements Law. It is estimated based on what a successful California applicant might be paid. It assumes that the successful candidate will be in California or perform the position from California. Similar positions located outside of California will not necessarily receive the same compensation. Live Nation takes into consideration a candidate’s education, training, and experience, as well as the position’s work location, expected quality and quantity of work, required travel (if any), external market and internal value, including seniority and merit systems, and internal pay alignment when determining the salary level for potential new employees. In compliance with the California Law, a potential new employee’s salary history will not be used in compensation decisions.