Job Summary
UK/EMEA - SOC Analyst (P-2)
UK (0800 AM - 1600 PM GMT)/EMEA (0900 AM - 1700 CET)
Live Nation Entertainment - Cybersecurity Security Operations
About Us
Live Nation Entertainment is the world's largest live entertainment company, composed of global market leaders: Ticketmaster, Live Nation Concerts, and Live Nation Media & Sponsorship. With 550 million fans and operations in over 40 countries, our security mission is to ensure those experiences remain uninterrupted and safe. The Detection and Response Team (DART) plays a key role in maintaining that trust, security, and resilience.
Job Purpose
As a UK/EMEA SOC Analyst, you will serve on the frontline, helping guide real-time incident response and contributing to improving team capabilities. This role will be responsible for monitoring, triaging, and investigating cybersecurity threats within the organization's network and environments.
Key Responsibilities
 * Participate in security operations shift activities to ensure effective detection, triage, and investigation.
 * Continuously monitor security systems and tools for suspicious activities and potential security incidents.
 * Document security incidents and provide recommendations for security improvements.
 * Participate as an investigator in incident response scenarios.
 * Promote a culture of collaboration, accountability, and continuous improvement across shifts.
 * Contribute to the creation and refinement of playbooks and operational procedures.
Security Operations Activities
 * Monitor and triage security alerts using SIEM, EDR, and NDR platforms.
 * Perform in-depth investigations into potential threats, applying TTP-based analysis and leveraging internal tools.
 * Collaborate with business units and technical teams during incident response to gather context and execute containment or remediation.
 * Support the creation of documentation and recommendations for post-incident reviews and incident reports.
 * Participate in tuning detection content and use-case development in partnership with threat detection teams.
Required Qualifications
 * Bachelor's degree (or higher) in Cybersecurity, Information Security, Computer Science, Information Technology, or a related field.
 * Experience with SIEM, EDR, NDR, and DFIR toolsets.
 * In-depth understanding of attacker TTPs (MITRE ATT&CK) and strong investigative mindset.
 * Experience responding to incidents in cloud environments (AWS, Azure, GCP).
 * Excellent written and verbal communication skills, especially in cross-functional and high-pressure scenarios.
 * Ability to guide and inspire analysts of varying experience levels.
Preferred Certifications
 * One of the following (or equivalent experience):
 * GIAC Security Expert (GSE)
 * GIAC Certified Incident Handler (GCIH)
 * GIAC Certified Intrusion Analyst (GCIA)
 * CompTIA Cybersecurity Analyst (CySA+)
 * Microsoft Certified: Cybersecurity Architect Expert or AWS Certified Security
 * CompTIA Security Plus (Sec+)
Additional Expectations
 * Participate in a 24/7 on-call rotation.
 * Demonstrate flexibility and ownership during incidents and surge periods.
 * Collaborate closely with the SOC managers on planning, capacity tracking, and continuous team/process improvement.