CyberSecurity SOC Analyst

UK/EMEA- SOC Analyst (P-2)

UK (0800 AM - 1600 PM GMT)/EMEA (0900 AM - 1700 CET)

Live Nation Entertainment - Cybersecurity Security Operations

Live Nation Entertainment is the world's leading live entertainment company, comprised of global market leaders: Ticketmaster, Live Nation Concerts, and Live Nation Media & Sponsorship. Ticketmaster is the global leader in event ticketing with over 620 million tickets sold annually and approximately 10,000 clients worldwide. Live Nation Concerts is the largest provider of live entertainment in the world promoting more than 50,000 events annually for nearly 7,000 artists in 40+ countries. These businesses allow Live Nation Media & Sponsorship to create strategic music marketing programs that connect more than 1,200 sponsors with the 145 million fans that attend Live Nation Entertainment events each year. For additional information, visit www.livenationentertainment.com.

Passionate and motivated. Driven, with an entrepreneurial spirit. Resourceful, innovative, forward thinking and committed. At Live Nation Entertainment, our people embrace these qualities, so if this sounds like you then please read on!

With 550 million fans and operations in over 40 countries, our security mission is to ensure those experiences remain uninterrupted and safe. The Detection and Response Team (DART) plays a key role in maintaining that trust, security, and resilience.

As a UK/EMEA SOC Analyst, you will serve on the frontline, helping guide real-time incident response and contributing to improve team capabilities. This role will be responsible for monitoring, triaging, and investigating cybersecurity threats within the organization's network and environments.

• Participate in security operations shift activities to ensure effective detection triage and investigation.
• Continuously monitor security systems and tools for suspicious activities and potential security incidents.
• Document security incidents and provide recommendations for security improvements.
• Participate as an investigator in incident response scenarios.
• Promote a culture of collaboration, accountability, and continuous improvement across shifts.
• Contribute to the creation and refinement of playbooks and operational procedures.

• Monitor and triage security alerts using SIEM, EDR, and NDR platforms.
• Perform in-depth investigations into potential threats, applying TTP-based analysis and leveraging internal tools.
• Collaborate with business units and technical teams during incident response to gather context and execute containment or remediation.
• Support in the creation of documentation and recommendations post-incident reviews and incident reports.
• Participate in tuning detection content and use-case development in partnership with threat detection teams.

• Bachelor's degree (or higher) in Cybersecurity, Information Security, Computer Science, Information Technology, or a related field.
• Experience with SIEM, EDR, NDR, and DFIR toolsets.
• In-depth understanding of attacker TTPs (MITRE ATT&CK) and strong investigative mindset.
• Experience responding to incidents in cloud environments (AWS, Azure, GCP).
• Excellent written and verbal communication skills, especially in cross-functional and high-pressure scenarios.
• Ability to guide and inspire analysts of varying experience levels.

• One of the following (or equivalent experience):
• GIAC Security Expert (GSE)
• GIAC Certified Incident Handler (GCIH)
• GIAC Certified Intrusion Analyst (GCIA)
• GIAC Certified Incident Handler (GCIH)
• GIAC Certified Intrusion Analyst (GCIA)
• CompTIA Cybersecurity Analyst (CySA+)
• Microsoft Certified: Cybersecurity Architect Expert or AWS Certified Security
• CompTIA Security Plus (Sec +)

• Participate in a 24/7 on-call rotation.
• Demonstrate flexibility and ownership during incidents and surge periods.
• Collaborate closely with the SOC managers on planning, capacity tracking, and continuous team/process improvement.