Director of Cybersecurity Operations

POSITION: Director of Cybersecurity Operations

DEPARTMENT: Information Technology (IT)

REPORTS TO: VP, IT Security & Compliance

FLSA STATUS: Salaried/Exempt

LEGENDS & ASM GLOBAL

Two powerhouse companies have joined forces to redefine excellence in sports, entertainment, and live events. Together, we combine unmatched expertise with a global reach, offering end-to-end solutions – from venue development and event booking to revenue strategy and hospitality. Legends brings a 360-degree, data-driven approach across Global Partnerships, Hospitality, Merchandise, and Attractions, working with top-tier clients to deliver exceptional experiences. ASM Global, the world leader in venue management and live event production, oversees 350 iconic venues stadiums, arenas, conventions centers and theaters.

Our organization is committed to building an inclusive, innovative environment where differences drive solutions that benefit our team members, guests, and partners. Guided by our values of respect, integrity, and accountability, we create a workplace where everyone can succeed. Are you ready to be part of the team that is transforming live entertainment? Join us to make legends happen!

THE ROLE

We are seeking a highly experienced and motivated Director of Cybersecurity Operations (DCO) to lead our security operations team and oversee all aspects of our combined organizations’ security operations.  The ideal candidate will have a strong background in security management (both platform management and operating processes), IT risk mitigation, triage/analysis and incident response.  This role will serve as a critical function to protect our company's assets, ensuring the safety of our personnel, and maintaining the integrity of our operations.

As a DCO, you will be responsible for working closely with ITS&C leadership to develop ITS&C’s daily Operations and Monitoring capabilities, maturing the company’s delivery of operational security practices, and working with global technology, business, and 3rd party vendor teams.  Working in conjunction with leadership from both the ITS&C and greater IT functions, your team will monitor and improve Legends’ operations & cybersecurity footprint, help maintain legal, regulatory & GRC requirements, and be supported by ITS&C in your career path toward future roles.

We are looking for an individual who is personable, comfortable working within a growing & supportive environment and capable of building processes within new and existing technologies to showcase cybersecurity to IT and company leadership.  This position will play a crucial role in continuing to mature Legends’ cybersecurity function toward greater IT risk management capabilities.

Essential Duties and Responsibilities

• Provide expertise, analytic capability and operational skill to manage the Legends ITS&C Security Operations team.
• Develop IT SecOps runbooks, playbooks, operational techniques & improvements for IT security controls with the team.
• Lead development of security monitoring, threat hunting and operating procedures at the application, system, tenant, and venue level, using a combination of on-premise, cloud and vendor-supplied technologies.
• Work with 3RD vendor teams to manage 24x7 SOC/NOC operations, including penetration testing efforts and the establishment of notification and escalation paths for triaged events.
• Lead incident response and trouble resolution on complex issues.
• Lead the development of relevant, useful cybersecurity operations KPIs to track and communicate performance, coverage, and contribute to an identification of risk.
• Work with the VP ITS&C to evaluate industry developments, new security requirements, and mature company security processes to meet all emerging threats and needs.
• Mentor & develop Security Operations team capabilities, providing training, guidance and Tier III resolution of complex security issues.   
• Maintain awareness of trends and development opportunities within the information security arena, including new threats, defensive capabilities, and technology developments.

Qualifications

To perform this job successfully, an individual must be able to perform each essential duty with energy and enthusiasm. The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodation may be made to enable individuals with disabilities to perform the essential functions.

Education and/or Experience

• B.S. in Technology- or Business-related discipline, or equivalent experience
• Strong background and orientation with IT & cybersecurity requirements and internal controls
• 7-12 years of experience within IT operations, cybersecurity or consulting functions, including familiarity with on-premises and cloud-based IT environments
• Familiarity with a variety of security platforms, including Bitdefender, Proofpoint, M365/Azure, Darktrace & others.  Deep experience with scripting and coding languages such as PowerShell, Python, KQL, PHP & SQL
• Preference given to CISA/CRISC/CGEIT/CISSP/CISM & related/industry certifications, or willingness to pursue.

Skills and Abilities

• Experience with managing cybersecurity requirements within IT and Data Privacy frameworks, such as NIST CSF, SOC(x), PCI-DSS and GDPR
• Demonstrated capability with developing IT communications to internal/external constituents and executive management teams.
• Effective communicator with an ability to translate security analyses into understandable, actionable elements.
• Proven ability to work constructively with IT, business and vendor personnel to provide input on improvements to cybersecurity toolsets and techniques.
• Solid organization and prioritization skills
• Personable approach and ability to work with remote IT company and venue personnel, contributing to a team environment with professionalism.
• Strong communication skills, both verbal and written

COMPENSATION

Competitive salary, commensurate with experience, and a generous benefits package that includes medical, dental, vision, life and disability insurance, paid vacation, and 401k plan.

WORKING CONDITIONS

Location: Remote

Physical Demands

The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

NOTE:

The essential responsibilities of this position are described under the headings above. They may be subject to change at any time due to reasonable accommodation or other reasons. Also, this document in no way states or implies that these are the only duties to be performed by the employee occupying this position.

Legends & ASM Global is an Equal Opportunity/Affirmative Action employer, and encourages Women, Minorities, Individuals with Disabilities, and protected Veterans to apply. VEVRAA Federal Contractor.