For more than 20 years, AEG has played a pivotal role in transforming sports and live entertainment. Annually, we host more than 160 million guests, promote more than 10,000 shows and present more than 22,000 events around the world. We are committed to innovation, artistry, and community, and leverage the power of our 300+ venues, leading sports franchises, marquee music brands, integrated entertainment districts, premier ticketing platform and global sponsorship activations, to create memorable moments that give the world reason to cheer.
Our business is interwoven with the human mind and heart, and we strive to build a diverse and inclusive company that reflects the artists, athletes, and fans that we host; reach beyond traditional boundaries to support the communities in which we operate; and minimize our impact on the environment by adopting sustainable practices throughout our business operations.
If you want to be challenged to up your game and make a difference, then join us in giving the world reason to cheer!
As part of a cross-functional CISO Organization, the Senior SOC Analyst/Engineer (Security Operations) is responsible for security operations including log analysis, application security analysis, vulnerability analysis, incident response, and threat analysis. This role evaluates the type and severity of security events leveraging their in-depth knowledge of exploits and vulnerabilities, and works with the Senior Security Engineer in investigating and responding to security incidents. This role works across other IT functions including application development to assist with application and infrastructure security testing to identify application vulnerabilities and remediation methods. The Senior Security Engineer works with the Information Risk & Compliance team to analyze threat models and security requirements to ensure implementation of technology appropriately mitigates risks. This role is responsible for managing multiple projects while maintaining technical currency with emerging security technologies.
- Monitor and respond to information security incidents and support the Information Security & Compliance team in security investigations leveraging insourced and outsourced tools and services.
- Build and analyze reports compiled from various security tools to identify and anticipate patterns of attack and manage and report on the overall threat landscape.
- Work with Security Engineering and Operations team to build, maintain and operate the Security Operations Center and blend information gathered from internal knowledge, professional network and Managed Security Service Providers.
- Develop and maintain the Incident Response plan including procedures for incident response, forensic investigation and mitigation of security events.
- Track and report metrics which may include Mean Time to Detection (MTTD), Mean Time to Resolution (MTTR), Total alerts/incidents per month, Types of alerts/incidents, escalation breakdown, significant SNOW tickets, and others as required
- Review and document security related change requests and advise management on approval decisions.
- Respond to alerts, perform remedial actions, prioritize, investigate, and escalate responses according to the AEG Incident Response Policy and AEG Incident Playbooks
- Collaborate with peers across affiliate companies to share incident information, solutions and best practices
- Maintain technical currency and continuously leverage opportunities to strengthen skills and broaden expertise.
- BA/BS Degree (4-year) Information Technology, CS/Engineering, Economics, or Business
- 4-6 years Related work experience
- Experience in working with security operations tools including anti-malware, AV, IPS/IDS, SIEM, CASB, SSO, MFA, Spam filtering, DLP.
- Experience in managing and operating vulnerability/patch management processes and tools.
- Experience with security industry standards (ISO 27001, NIST Cybersecurity Framework) and best practices
- Experience working across teams to prevent, identify, and effectively recover from security incidents.
- Proven experience identifying vulnerabilities, anticipate threats, and leveraging a practical approach to reduce the likelihood or impact of a breach.
- Experience developing automated response through Azure workbooks and automation Preferred
- Security Tool Experience (Carbon Black, Netskope, Microsoft Sentinel, Microsoft Defender for Cloud, Microsoft Compliance, or similar) Preferred
- PCI compliance experience (knowledge of how to secure infrastructure, systems, and applications for PCI compliance) Preferred
- Cloud experience securing workloads, network security groups, and VMs in Microsoft Azure. Preferred
- Excellent written and verbal communication skills with the ability to explain technical concepts to a non-technical audience.
- Conceptual understanding with deep knowledge in a few security subject areas and broad knowledge over multiple security subject areas and applied experience.
- A thorough understanding of tools, policies and standards related to security systems and experience in executing incident response process and procedures.
- Demonstrated commitment to continuing education to strengthen skills, broaden expertise and maintain currency with emerging technology.
- Project management experience (planning, organizing, coordinating consulting resources) and the ability to manage outsourced services and resources.
- Must be well versed in incident management, threat management, and vulnerability management.
- Scripting / Programming skills (e.g. Python, powershell, shell scripting, web development, .NET, Java, GitHub) Preferred
- Cloud Infrastructure Certifications (AWS Solutions Architect, Azure Architect, Google Compute or similar) Preferred
- CISSP Certified Information Systems Security Professional IT security certifications (CISSP, CISM, CISA, GIAC, CEH or similar) Preferred
- CISM - Certified Information Security Manager
- Certified Information Systems Auditor (CISA)
- Certified Ethical Hacker (CEH)
- CIC - Certified in Infection Control Cloud Infrastructure Certifications (AWS Solutions Architect, Azure Architect, Google Compute or similar) Preferred
- Penetration Testing Certifications (GIAC GPEN, OSCP or similar) Preferred
AEG reserves the right to change or modify the employee’s job description whether orally or in writing, at any time during the employment relationship. AEG may require an employee to perform duties outside his/her normal description.