Director of Cybersecurity Operations

POSITION: Director of Cybersecurity Operations

DEPARTMENT: Information Technology (IT)

REPORTS TO: VP, IT Security & Compliance

FLSA STATUS: Salaried/Exempt

Legends Global is the premier partner to the world's greatest live events, venues, and brands. We deliver a fully integrated solution of premium services that keeps our partners front and center through our white-label approach.

Our network of 450 venues worldwide, hosting 20,000 events and entertaining 165 million guests each year, is powered by our depth of expertise and level of execution across every component — feasibility & consulting, owner’s representation, sales, partnerships, hospitality, merchandise, venue management, and content & booking — of world-class live events and venues.

The Legends Global culture is one of respect, ambitious thinking, collaboration, and bold action. We are committed to building an inclusive workplace where everyone can be authentic, make an impact, and grow their career.

Winning is an everyday thing at Legends Global. We have the best team members who understand every win is earned when we come together as one unified team.

We are seeking a highly experienced and motivated Director of Cybersecurity Operations (DCO) to lead our security operations team and oversee all aspects of our combined organizations’ security operations. The ideal candidate will have a strong background in security management (both platform management and operating processes), IT risk mitigation, triage/analysis and incident response.

As a DCO, you will be responsible for working closely with ITS&C leadership to develop ITS&C’s daily Operations and Monitoring capabilities, maturing the company’s delivery of operational security practices, and working with global technology, business, and 3rd party vendor teams.

• Provide expertise, analytic capability and operational skill to manage the Legends ITS&C Security Operations team.
• Develop IT SecOps runbooks, playbooks, operational techniques & improvements for IT security controls with the team.
• Lead development of security monitoring, threat hunting and operating procedures at the application, system, tenant, and venue level, using a combination of on-premise, cloud and vendor-supplied technologies.
• Work with 3RD vendor teams to manage 24x7 SOC/NOC operations, including penetration testing efforts and the establishment of notification and escalation paths for triaged events.
• Lead incident response and trouble resolution on complex issues.
• Lead the development of relevant, useful cybersecurity operations KPIs to track and communicate performance, coverage, and contribute to an identification of risk.
• Work with the VP ITS&C to evaluate industry developments, new security requirements, and mature company security processes to meet all emerging threats and needs.
• Mentor & develop Security Operations team capabilities, providing training, guidance and Tier III resolution of complex security issues.
• Maintain awareness of trends and development opportunities within the information security arena, including new threats, defensive capabilities, and technology developments.

To perform this job successfully, an individual must be able to perform each essential duty with energy and enthusiasm.

• B.S. in Technology- or Business-related discipline, or equivalent experience
• Strong background and orientation with IT & cybersecurity requirements and internal controls
• 7-12+ years of experience within IT operations, cybersecurity or consulting functions, including familiarity with on-premises and cloud-based IT environments
• Familiarity with a variety of security platforms, including Bitdefender, Proofpoint, M365/Azure, Darktrace & others. Deep experience with scripting and coding languages such as PowerShell, Python, KQL, PHP & SQL
• Preference given to CISA/CRISC/CGEIT/CISSP/CISM & related/industry certifications, or willingness to pursue.

• Experience with managing cybersecurity requirements within IT and Data Privacy frameworks, such as NIST CSF, SOC(x), PCI-DSS and GDPR
• Demonstrated capability with developing IT communications to internal/external constituents and executive management teams.
• Effective communicator with an ability to translate security analyses into understandable, actionable elements.
• Proven ability to work constructively with IT, business and vendor personnel to provide input on improvements to cybersecurity toolsets and techniques.
• Solid organization and prioritization skills
• Personable approach and ability to work with remote IT company and venue personnel, contributing to a team environment with professionalism.
• Strong communication skills, both verbal and written

COMPENSATION and WORKING CONDITIONS will be discussed during the interview process.

Legends Global is an Equal Opportunity/Affirmative Action employer, and encourages Women, Minorities, Individuals with Disabilities, and protected Veterans to apply. VEVRAA Federal Contractor.