This job has expired, please see additional jobs below
IT Security Analyst Security Operations
Entertainment & Media Industry Company
Los Angeles, CA, United States
Job Details - this job has expired, please see similar jobs below
Company is the world’s leading sports and live entertainment company with operations in the following business segments:
•Company Facilities, which with its affiliates owns, manages or consults with more than 120 venues
•Company Presents, which is one of the largest live music companies in the world dedicated to live contemporary music performances, including producing and promoting global and regional concert tours, music events and world-renowned festivals
•Company Sports, which is the world’s largest operator of sports franchises and high-profile sporting events
•Company Global Partnerships, which supports each of Company’s divisions through worldwide sales and servicing of sponsorships including naming rights, premium seating and other strategic partnerships
•Company Real Estate, which develops major sports and entertainment districts worldwide
With offices on five continents, the company uses its global network of venues, portfolio of powerful sports and music brands, ticketing and content distribution platforms and its integrated entertainment districts to deliver the most creative and innovative live sports and entertainment experiences that inspire athletes, teams, artists and fans.
As part of a cross-functional Information Security & Compliance team, the IT Security Analyst (Security Operations) is responsible for security operations including log analysis, vulnerability analysis, and threat analysis. This role evaluates the type and severity of security events leveraging their in-depth knowledge of exploits and vulnerabilities, and works with the Security Engineer in investigating and responding to security incidents. This role works across other IT functions including application development to assist with application testing, and infrastructure to assist with penetration testing, vulnerability management, and patch management. The IT Security Analyst works with the Information Risk & Compliance team to analyze threat models and security requirements to ensure implementation of technology appropriately mitigates risks. This role is responsible for managing multiple projects while maintaining technical currency with emerging security technologies.
•Monitor and respond to information security incidents and support the Information Security & Compliance team in security investigations leveraging insourced and outsourced tools and services.
•Build and analyze reports compiled from various security tools to identify and anticipate patterns of attack and manage and report on the overall threat landscape.
•Work with Security Engineering and Operations team to build, maintain and operate the Security Operations Center and blend information gathered from internal knowledge, professional network and Managed •Security Service Providers.
•Develop and maintain the Incident Response plan including procedures for incident response, forensic investigation and mitigation of security events.
•Maintain and operate vulnerability management process and tools and work with infrastructure and application development staff to keep systems current and effectively manage risk.
•Review and document security related change requests and advise management on approval decisions.
•Support the execution and coordination of application and infrastructure penetration testing.
•Collaborate with peers across affiliate companies to share incident information, solutions and best practices
•Maintain technical currency and continuously leverage opportunities to strengthen skills and broaden expertise.
Required Qualifications:
•A minimum education level of: BA/BS Degree (4-year) in Information Technology, CS/Engineering, Economics, or Business
•A minimum of 2-4 years of related work experience
•Experience in working with security operations tools including anti-malware, AV, IPS/IDS, SIEM.
•Experience in managing and operating vulnerability/patch management processes and tools.
•Excellent written and verbal communication skills with the ability to explain technical concepts to a non-technical audience.
•Conceptual understanding with deep knowledge in a few security subject areas and broad knowledge over multiple security subject areas and applied experience.
•Experience with security industry standards (ISO 27001, NIST Cybersecurity Framework) and best practices
•Experience in coordinating and performing application and infrastructure penetration testing.
•A thorough understanding of tools, policies and standards related to security systems and experience in executing incident response process and procedures.
•Demonstrated commitment to continuing education to strengthen skills, broaden expertise and maintain currency with emerging technology.
•Project management experience (planning, organizing, coordinating consulting resources) and the ability to manage outsourced services and resources.
•Must be well versed in incident management, threat management, and vulnerability management.
•Experience working across teams to prevent, identify, and effectively recover from security incidents.
•Proven experience identifying vulnerabilities, anticipate threats, and leveraging a practical approach to reduce the likelihood or impact of a breach.
Preferred Qualifications:
•Scripting skills (e.g. Python, powershell, shell scripting)
•IT security certifications (CISSP, CISM, CISA, GIAC, CEH or similar)
Company reserves the right to change or modify the employee’s job description whether orally or in writing, at any time during the employment relationship. Company may require an employee to perform duties outside his/her normal description.