IT - Lead Security Engineer
Los Angeles, CA
Full Time Senior-level / Expert USD 154K - 202K
Creative Artists Agency
Job Description
Who We Are
Creative Artists Agency (CAA) is the leading entertainment and sports agency, with global expertise in filmed and live entertainment, digital media, publishing, sponsorship sales and endorsements, media finance, consumer investing, fashion, trademark licensing, and philanthropy. Distinguished by its culture of collaboration and exceptional client service, CAA’s diverse workforce identifies, innovates, and amplifies opportunities for the people and organizations that shape culture and inspire the world. The trailblazer of the agency business, CAA was the first to build a sports business, create an investment bank, launch a venture fund, found technology start-up companies, establish a philanthropic arm, build a business in China, and form a brand marketing services division, among other innovations. Named Most Valuable Sports Agency by Forbes for eight consecutive years, CAA represents more than 2,000 of the world’s top athletes in football, baseball, basketball, hockey, soccer, in addition to coaches, on-air broadcasters, and sports personalities and works in the areas of broadcast rights, corporate marketing initiatives, social impact, and sports properties for sales and sponsorship opportunities. Founded in 1975, CAA is headquartered in Los Angeles, and has offices in New York, Nashville, Memphis, Chicago, Miami, London, Munich, Geneva, Stockholm, Shanghai, and Beijing, among other locations globally.
Summary
This is a hands-on security position working within the Information Security group and with the internal IT department at large. This position’s core focus is to ensure consistent, measurable end-to-end delivery of security services. The successful candidate will work to develop and deploy capabilities ensuring enterprise systems and data are protected with the security controls and tools required to meet policy and compliance requirements.
We are looking for candidates who have a passion for cyber security, threat detection, risk mitigation and response. You will be a key leader in our efforts to build and support a defensible environment where we can detect, contain and respond quickly to threats and compromise in ways that enable the business needs a highly collaborative organization. The environment is fast-paced and commonly on the leading edge of technology, including early adoption of various cloud services along with the challenges of integrating those services into our security practice.
Responsibilities
Responsible for the development of end-to-end security monitoring and reporting; ensuring expected controls are in place and performing as designed
Review the designs of proposed major applications and upgrades for compliance with security policy; perform routine security audits, report findings, and recommend related system enhancements
Evaluate new and emerging threats against existing security controls; ensuring controls remain effective to changing business and threat landscapes
Play a lead role in CAA’s security incident response efforts, working to identify and mitigate information security threats, including on-call rotation
Mentor co-workers on the security team and cross-train as needed
Review security information, event logs, alerts, and reports, provide findings and recommendations
Design, test, and implement new playbooks for the cyber security incident responders
Apply governance principles to the identification, assessment, management and communications of risks
Manage software that monitors systems and networks for security breaches and intrusions
Write, test, and maintain automation scripts/workflows within SEIM/SOAR platforms
Author and maintain documentation for all scripts, integrations, workflows, playbooks and business processes and present on such to key stakeholders
Use input from IRM leadership and key security metrics to ensure technical security controls are meeting desired objectives; implement a process of continual review and improvement to ensure the measurable effectiveness of CAA’s technical controls
Required Capabilities
10+ years in Information Technology, ideally with a mixed focus on infrastructure and development projects and services
5+ years’ experience in information security
3+ years of hands-on experience in security engineering
3+ years’ experience in building, designing and maintaining enterprise security applications and tooling
3+ years’ experience with large-scale log aggregation and SIEM technologies, such as Splunk, ELK, AlienVault or ArcSight
5+ years’ experience advanced coding in at least one of the following languages: PowerShell, Python, Java, JavaScript or equivalent languages
3+ years of SOAR implementation and development
Strong understanding of the fundamental operations of servers, operating systems (Windows, macOS, and Linux), networks, cloud applications, and infrastructure
Expert knowledge of the key controls required for secure operation of these systems
Deep experience and knowledge of working in an Azure and AWS environments
Strong knowledge of securing cloud architecture
Organized and methodical approach to making improvements on past organizations security programs
Experience designing and maintaining controls to support the secure delivery of applications through continuous development and continuous integration processes
Experience building and managing frameworks to test and validate the effective operation of security controls; measuring the ability to stop threats and attacks at the earliest point in the kill chain
Strong interpersonal skills and the ability to work effectively with people in a wide range of levels.
Preferred
Bachelor's or Master's Degree in a relevant field of work
Cybersecurity certification from GIAC, (ISC)2, SANS, or CompTIA such as CISSP, CCSP, GCFE, GSEC, Security+, CySA+, CASP+
DLP (Data Loss Prevention) experience management policies and alerting on suspicious behavior
background working within or implementing a secure development lifecycle
network security; firewall management, network micro segmentation, IPS/IDS
building and using REST APIs
identity and access management experience. Privileged identity management including use of PIM and PAM tooling
experience resolving technical issues throughout all stages of Software Development Life Cycle
Experience in security related tooling: Illumio, CrowdStrike, AttackIQ, Proofpoint, ZScaler, LastPass, Ping Federate, Threat Metrix, PKI
an understanding of the NIST framework and using a continuous improvement loop
Environment
CAA has a service oriented collaborative environment where we help our colleagues then focus on our own work.
Location
This hybrid role requires 3 days onsite (Tuesday, Wednesday and Thursday) in our LA office.
Compensation
The annual base salary for this position is in the range of $154,000 - $202,000. This position also is eligible for benefits and discretionary bonus. Ultimately, the salary may vary based upon, but not limited to, relevant experience, time in role, business sector, and geographic location, among other criteria. Please talk with a CAA Recruiter to learn more.
Creative Artists Agency, LLC (the “Company”) is committed to a policy of Equal Employment Opportunity and will not discriminate on the basis of race (inclusive of traits historically associated with race, including hair texture and protective hairstyles), color, religion, creed, gender or sex (including pregnancy, childbirth, breastfeeding or related medical conditions), national origin, ancestry, age, physical disability, mental disability, medical condition, genetic information, family and medical care leave status, military or veteran status, marital status, family status, sexual orientation, gender identity, gender expression, political affiliation, an employee’s or their dependent’s reproductive health decision making (e.g., the decision to use or access a particular drug, device or medical service), or any other characteristic protected by applicable law.The Company also complies with the Americans with Disabilities Act and applicable state and local laws with regard to providing reasonable accommodation for qualified individuals with disabilities.CAA does not accept unsolicited resumes from third-party recruiters unless they were contractually engaged by CAA to provide candidates for a specified opening. Any such employment agency, person or entity that submits an unsolicited resume does so with the acknowledgement and agreement that CAA will have the right to hire that applicant at its discretion without any fee owed to the submitting employment agency, person or entity.Tags: AlienVault APIs ArcSight AttackIQ Audits Automation AWS Azure CASP+ CCSP CISSP Cloud Compliance CompTIA CrowdStrike ELK Finance Firewalls GCFE GIAC Governance GSEC IAM IDS Incident response IPS Java JavaScript Linux MacOS Monitoring Network security NIST PKI PowerShell Python SANS SDLC SIEM SOAR Splunk Threat detection Windows
Perks/benefits: Health care Medical leave Salary bonus Startup environment
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Cyber Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Cyber Security Specialist jobs
- Open Product Security Engineer jobs
- Open Cybersecurity Analyst jobs
- Open Staff Security Engineer jobs
- Open Chief Information Security Officer jobs
- Open Senior Information Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Senior Penetration Tester jobs
- Open Consultant SOC / CERT H/F jobs
- Open Security Specialist jobs
- Open Senior Information Security Engineer jobs
- Open Security Researcher jobs
- Open IT Security Engineer jobs
- Open Cybersecurity Specialist jobs
- Open Senior Security Architect jobs
- Open Sr. Security Engineer jobs
- Open Windows-related jobs
- Open CISM-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open ISO 27001-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Analytics-related jobs
- Open Threat intelligence-related jobs
- Open SaaS-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open Malware-related jobs
- Open Forensics-related jobs
- Open Security Clearance-related jobs
- Open DevOps-related jobs
- Open IDS-related jobs
- Open CEH-related jobs
- Open Kubernetes-related jobs
- Open EDR-related jobs