Cyber Defence Lead Detection Engineer

Job Summary:

Company: Live Nation Entertainment

Department: Trust and Security

Location: UK, remote

Reports to: Senior Manager of Cyber Defence

Working Hours: Full time

Contract Type: Permanent

About us

Live Nation Entertainment is the world’s largest live entertainment company, comprised of global market leaders: Ticketmaster, Live Nation Concerts, and Live Nation Media & Sponsorship. With 550 million fans and operations in over 40 countries, somewhere in the world every 18 minutes a Live Nation Entertainment event takes place. We manage some of the world’s biggest artists, produce some iconic music festivals, oversee world leading venues and, through Ticketmaster, operate one of the largest ecommerce sites. For additional information, visit www.livenationentertainment.com .

Role Description

A Live Nation Entertainment, our goal is to maintain the trust and confidence of our fans, artists, employees and partners. Combined with maintaining the highest level of data security, our handling of information is designed to put the individual in control, ensuring that we handle their information in a way that best serves them and maintaining the highest level of security. Trust and Security identifies and reduces data protection risk, arming the business with industry-leading subject matter expertise as it builds the future of live.

Reporting to the Senior Manager of Cyber Defence, you will be a part of a global, dedicated multidisciplinary team of passionate information security and privacy professionals. You will lead with a strategic, action-oriented mindset focused on performance and accountability as well as align the team’s strategic priorities.

You champion an inclusive environment and foster a broad network – Committed to an environment of engagement, inclusion and respect; enables an environment where all individuals can make a difference; collaborates effectively with leaders across the enterprise.

You engage in intellectual curiosity, agility and experimentation that drives innovation – Integrate diverse views to facilitate breakthroughs; inspire commitment to changes through relevant experiences; challenges others to think differently and creatively.

You are a role model and serve as an active talent champion, coach and mentor – Makes time to coach, mentor and develop talent across the organization; holds management accountable for feedback, coaching and mentoring to team members; advocates a growth mindset for personal development. You build trust and serve as a helpful colleague – Facilitates open deliberation with honest and diverse ideas; influences through listening; promotes others to advance their reputation and visibility through their contributions.

Who you are

Competencies / Skills / Knowledge / Experience

Essential

Knowledge of security tools and technologies such as SIEM, IDS/IPS, firewalls, and antivirus software
Data collection methods and best practices
Ability to tune and measure detection rules
Competency and understanding in CI/CD pipeline
Familiar with Detection-as-code
Understanding of security frameworks such as NIST, ISO 27001, and PCI DSS
Familiarity with scripting languages such as Python or PowerShell
Analytical and problem-solving skills
Excellent written and verbal communication skills
Knowledge of network protocols, operating systems, and applications
Knowledge of malware analysis and forensic techniques
Ability to analyze and interpret security logs and other data
Ability to provide guidance and support to junior SOC analysts
Familiarity with cloud security and virtualization technologies

Desirable

Proven experience in Information Security or similar discipline
Demonstrable experience of Linux/Unix, Mac and Windows system analysis experience
Cyber Threat Intelligence knowledge and/or experience
Familiarity with the Threat Intelligence lifecycle
Experience writing strategic threat reports
Experience working in a large enterprise and management of a wide range of security tools such as IDS/IPS (network and host), advanced anti-malware (network and endpoint), DLP, encryption, antivirus, firewalls, identity management, NAC, etc.
Experience operating in at least one public cloud platform (AWS, GCP, Azure) and other cloud native technologies (Kubernetes, Docker, Terraform)
Familiarity with security standards NIST Cyber Security Framework, NIST SP800-61 R2 and ISO/IEC 27035
Relevant certifications such as Security+, Server+, Linux+ GSEC, GIAC, GCIH, or CISM could be advantageous
Deep understanding of security threats, vulnerabilities
Manage relationships with business partners, management, vendors, and external parties
In-depth technical knowledge of Windows and Unix/Linux based operating systems
Strong organisational, multi-tasking, and time-management skills
Analytical and strategic mindset to overcome obstacles and solve complex problems
Strong organisational skills with the ability to complete tasks assigned in a timely manner
Ability to develop team projects and execute strategic initiatives to completion
Excellent English written and verbal communication skills, additional languages is a plus
Excellent customer service skills required

Behaviours

The following attributes determine how the role will be carried out and are required to be a success

Strong sense of moral character, high-ethical standards, servant-leader and accountability
Flexible and responsive to changing situations. Ability to multitask and prioritise
Self-driven, self-disciplined to perform tasks and complete projects with little to no supervision with a high sense of duty
Exceptional ability to remain calm under stress
Ability to work independently and as part of a team
Have a global mind-set for working with different cultures and backgrounds
Strong attention to detail
Embraces mentorship, knowledge sharing and teaming skills
Travel is at a minimum, but some domestic and international travel is required
Must be willing to be available 24/7 during weekly on-call rotations, including Weekends and Holidays

What the role includes

Work closely with the Global Security Operations Centre (GSOC), and Cyber Threat Intelligence teams to build new tailored security detections.
Build mechanisms that combine multiple detection signals to create higher fidelity threat detections
Design, build, and deploy automation to scale system and infrastructure vulnerability and inventory discovery efforts across numerous endpoints, assets, and locations
Identify trends and build observability into areas that need it
Consult on technology initiatives to provide industry best-practice as a baseline for security observability and detections
Analyse business impact and exposure based on emerging security threats, vulnerabilities, and risks
Participate in the implementation of security controls and measures to protect our network and systems
Stay current with emerging security threats and technologies
Perform risk analysis to find any vulnerability that can have an impact on the company
Generate improvement strategies for better company security

Equal Opportunities

We are passionate and committed to our people and go beyond the rhetoric of diversity and inclusion.

You will be working in an inclusive environment and be encouraged to bring your whole self to work. We will do all that we can to help you successfully balance your work and homelife. As a growing business we will encourage you to develop your professional and personal aspirations, enjoy new experiences, and learn from the talented people you will be working with. It’s talent that matters to us and we encourage applications from people irrespective of their gender identity, race, sexual orientation, religion, age, disability status or caring responsibilities.

#LI-Remote

#LI-SL1

---