Cyber Security Incident Response Lead
Live Nation Entertainment
full-time
Posted on:
Location Type: Remote
Location: Remote • 🇬🇧 United Kingdom
Visit company websiteJob Level
Senior
Tech Stack
AWSAzureCloudCyber SecurityGoogle Cloud Platform
About the role
- Capture detailed notes and deliver precise, accurate reports to stakeholders during high-pressure scenarios
- Collect evidence from cyber events and utilize data to build a complete chain of events from initial access through eradication and recovery phases
- Advise and coordinate with Incident Commander by providing trusted expert advice to support the successful conclusion of a cyber incident
- Receive and analyze signals from numerous sources to determine possible causes of alerts
- Conduct, document and report postmortem lessons learned that contribute to the improvement of the team and the organization’s cyber program
- Develop and communicate reports on Cyber Defense TTPs, guidance, and incident findings to various stakeholders
- Advise and collect forensically sound artifacts for inspection to support cyber incidents
- Engage with both technical and non-technical stakeholders in a professional manner both internally and externally to the business on sensitive cybersecurity issues
- Develop training and exercises to promote both team and organizational development to improve delivery during incidents, through the creation and conduction of tabletops and workshops
- Work as part of a global team
- Be the Incident Response SME
Requirements
- Bachelor’s degree in Computer Science, Information Security, or a related field
- 5+ years of experience in Cyber Security Operations type role
- 3+ years of experience specifically in Incident Response type roles that performed event investigations
- Excellent communication skills, with experience delivering executive-level briefings and reports
- Solid understanding of cybersecurity principles, including incident response, policy governance, and compliance requirements
- Experience with security tools such as SIEMs, IDS/IPS, DLP, and vulnerability management platforms
- Strong organizational, time-management, and leadership skills
- Experience in the application of available tooling to defend against cyber threats and hardened existing systems against further attacks
- Experience in response to at least one public cloud vendor (e.g.: AWS, GCP, Azure, etc)
- Experience in response to a variety of system types and applications
- Must be willing to work an on-call rotation
- Excellent analytical and problem-resolution skills to collect/preserve evidence for documentation and reporting
- Certifications: CISSP, GCIH, GCFA, CySA+
- Experience working in large, global enterprises with complex technical infrastructures
- Knowledge of audit frameworks and regulatory compliance requirements (e.g., SOX, GDPR, PCI DSS)
- Familiarity with cloud security architectures and tools (e.g., AWS, Azure, GCP)
- Exceptional ability to remain calm and focused during high-stress situations
- Strong problem-solving and conflict management skills
- A collaborative team player who thrives in a global, cross-functional environment.
Benefits
- Generous vacation
- Healthcare
- Retirement benefits
- Student loan repayment
- Tuition reimbursement
- Six months of paid caregiver leave for new parents including fostering
- Access to free live events through our exclusive employee ticketing program
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard skills
cybersecurity operationsincident responseevent investigationscyber defense TTPsevidence collectiondata analysisvulnerability managementcloud security architecturessecurity toolspolicy governance
Soft skills
communication skillsorganizational skillstime-management skillsleadership skillsanalytical skillsproblem-resolution skillscollaborative team playerability to remain calm under pressureconflict management skillsstakeholder engagement
Certifications
CISSPGCIHGCFACySA+