IT - Lead Security Engineer

Los Angeles, CA

Creative Artists Agency

View company page

Job Description

Who We Are

Creative Artists Agency (CAA) is the leading entertainment and sports agency, with global expertise in filmed and live entertainment, digital media, publishing, sponsorship sales and endorsements, media finance, consumer investing, fashion, trademark licensing, and philanthropy. Distinguished by its culture of collaboration and exceptional client service, CAA’s diverse workforce identifies, innovates, and amplifies opportunities for the people and organizations that shape culture and inspire the world. The trailblazer of the agency business, CAA was the first to build a sports business, create an investment bank, launch a venture fund, found technology start-up companies, establish a philanthropic arm, build a business in China, and form a brand marketing services division, among other innovations. Named Most Valuable Sports Agency by Forbes for eight consecutive years, CAA represents more than 2,000 of the world’s top athletes in football, baseball, basketball, hockey, soccer, in addition to coaches, on-air broadcasters, and sports personalities and works in the areas of broadcast rights, corporate marketing initiatives, social impact, and sports properties for sales and sponsorship opportunities. Founded in 1975, CAA is headquartered in Los Angeles, and has offices in New York, Nashville, Memphis, Chicago, Miami, London, Munich, Geneva, Stockholm, Shanghai, and Beijing, among other locations globally. 


This is a hands-on security position working within the Information Security group and with the internal IT department at large. This position’s core focus is to ensure consistent, measurable end-to-end delivery of security services. The successful candidate will work to develop and deploy capabilities ensuring enterprise systems and data are protected with the security controls and tools required to meet policy and compliance requirements. 

We are looking for candidates who have a passion for cyber security, threat detection, risk mitigation and response. You will be a key leader in our efforts to build and support a defensible environment where we can detect, contain and respond quickly to threats and compromise in ways that enable the business needs a highly collaborative organization. The environment is fast-paced and commonly on the leading edge of technology, including early adoption of various cloud services along with the challenges of integrating those services into our security practice. 


  • Responsible for the development of end-to-end security monitoring and reporting; ensuring expected controls are in place and performing as designed 

  • Review the designs of proposed major applications and upgrades for compliance with security policy; perform routine security audits, report findings, and recommend related system enhancements 

  • Evaluate new and emerging threats against existing security controls; ensuring controls remain effective to changing business and threat landscapes 

  • Play a lead role in CAA’s security incident response efforts, working to identify and mitigate information security threats, including on-call rotation

  • Mentor co-workers on the security team and cross-train as needed

  • Review security information, event logs, alerts, and reports, provide findings and recommendations

  • Design, test, and implement new playbooks for the cyber security incident responders

  • Apply governance principles to the identification, assessment, management and communications of risks

  • Manage software that monitors systems and networks for security breaches and intrusions

  • Write, test, and maintain automation scripts/workflows within SEIM/SOAR platforms

  • Author and maintain documentation for all scripts, integrations, workflows, playbooks and business processes and present on such to key stakeholders

  • Use input from IRM leadership and key security metrics to ensure technical security controls are meeting desired objectives; implement a process of continual review and improvement to ensure the measurable effectiveness of CAA’s technical controls 

Required Capabilities 

  • 10+ years in Information Technology, ideally with a mixed focus on infrastructure and development projects and services 

  • 5+ years’ experience in information security  

  • 3+ years of hands-on experience in security engineering

  • 3+ years’ experience in building, designing and maintaining enterprise security applications and tooling

  • 3+ years’ experience with large-scale log aggregation and SIEM technologies, such as Splunk, ELK, AlienVault or ArcSight

  • 5+ years’ experience advanced coding in at least one of the following languages:  PowerShell, Python, Java, JavaScript or equivalent languages

  • 3+ years of SOAR implementation and development

  • Strong understanding of the fundamental operations of servers, operating systems (Windows, macOS, and Linux), networks, cloud applications, and infrastructure

  • Expert knowledge of the key controls required for secure operation of these systems

  • Deep experience and knowledge of working in an Azure and AWS environments

  • Strong knowledge of securing cloud architecture

  • Organized and methodical approach to making improvements on past organizations security programs 

  • Experience designing and maintaining controls to support the secure delivery of applications through continuous development and continuous integration processes 

  • Experience building and managing frameworks to test and validate the effective operation of security controls; measuring the ability to stop threats and attacks at the earliest point in the kill chain

  • Strong interpersonal skills and the ability to work effectively with people in a wide range of levels.


  • Bachelor's or Master's Degree in a relevant field of work 

  • Cybersecurity certification from GIAC, (ISC)2, SANS, or CompTIA such as CISSP, CCSP, GCFE, GSEC, Security+, CySA+, CASP+ 

  • DLP (Data Loss Prevention) experience management policies and alerting on suspicious behavior 

  • background working within or implementing a secure development lifecycle 

  • network security; firewall management, network micro segmentation, IPS/IDS 

  • building and using REST APIs

  • identity and access management experience. Privileged identity management including use of PIM and PAM tooling

  • experience resolving technical issues throughout all stages of Software Development Life Cycle

  • Experience in security related tooling: Illumio, CrowdStrike, AttackIQ, Proofpoint, ZScaler, LastPass, Ping Federate, Threat Metrix, PKI

  • an understanding of the NIST framework and using a continuous improvement loop


CAA has a service oriented collaborative environment where we help our colleagues then focus on our own work.  


This hybrid role requires 3 days onsite (Tuesday, Wednesday and Thursday) in our LA office.


The annual base salary for this position is in the range of $154,000 - $202,000. This position also is eligible for benefits and discretionary bonus. Ultimately, the salary may vary based upon, but not limited to, relevant experience, time in role, business sector, and geographic location, among other criteria. Please talk with a CAA Recruiter to learn more.

Creative Artists Agency, LLC (the “Company”) is committed to a policy of Equal Employment Opportunity and will not discriminate on the basis of race (inclusive of traits historically associated with race, including hair texture and protective hairstyles), color, religion, creed, gender or sex (including pregnancy, childbirth, breastfeeding or related medical conditions), national origin, ancestry, age, physical disability, mental disability, medical condition, genetic information, family and medical care leave status, military or veteran status, marital status, family status, sexual orientation, gender identity, gender expression, political affiliation, an employee’s or their dependent’s reproductive health decision making (e.g., the decision to use or access a particular drug, device or medical service), or any other characteristic protected by applicable law.

The Company also complies with the Americans with Disabilities Act and applicable state and local laws with regard to providing reasonable accommodation for qualified individuals with disabilities.

CAA does not accept unsolicited resumes from third-party recruiters unless they were contractually engaged by CAA to provide candidates for a specified opening. Any such employment agency, person or entity that submits an unsolicited resume does so with the acknowledgement and agreement that CAA will have the right to hire that applicant at its discretion without any fee owed to the submitting employment agency, person or entity.

Apply now Apply later
  • Share this job via
  • or

Tags: AlienVault APIs ArcSight AttackIQ Audits Automation AWS Azure CASP+ CCSP CISSP Cloud Compliance CompTIA CrowdStrike ELK Finance Firewalls GCFE GIAC Governance GSEC IAM IDS Incident response IPS Java JavaScript Linux MacOS Monitoring Network security NIST PKI PowerShell Python SANS SDLC SIEM SOAR Splunk Threat detection Windows

Perks/benefits: Health care Medical leave Salary bonus Startup environment

Region: North America
Country: United States
Job stats:  7  1  0

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.