Engineer, Cybersecurity

About TKO:

TKO owns iconic properties including UFC, the world’s premier mixed martial arts organization; WWE, the global leader in sports entertainment; and PBR, the world’s premier bull riding organization. Together, these properties reach 210 countries and territories and organize more than 500 live events year-round, attracting more than three million fans.

TKO also services and partners with major sports rights holders through IMG, an industry-leading global sports marketing agency; and On Location, a global leader in premium experiential hospitality. TKO is majority owned by TKO Group Holdings, Inc. (NYSE: EDR), a global sports and entertainment company.

Our technology organization is transforming how we work at TKO. We align with our business units to deliver shared services and innovative solutions that:

• Address specific business challenges, integrate processes and systems, and create incredible experiences.
• Connect our work to shared goals that propel TKO forward in the Digital Age.
• Advance the way we work by embracing emerging or disruptive technologies.

We are seeking a forward-thinking technology practitioner who can drive security operations, analytics, cyber threat intelligence, and incident response. The successful candidate must have a “security first” mindset. Experience working in media and entertainment companies, holding companies, or publicly traded enterprises is a plus.

II. Position Summary:

• Supports the maturing of the organization’s cybersecurity detection capabilities.
• Recommends, configures, enhances, and maintains relevant security systems and tools.
• Monitors and responds to security alerts, notifications, and critical issues
• Supports TKO’s Security Incident Response Plan (SIRP), which may include on-call responsibilities and after-hours support for potential security incidents.
• Assist in the continuous development of TKO’s vulnerability management program.
• Actively streamline and simplify workflows and processes; Use automation and orchestration for improved efficiencies where possible.
• Identify gaps in TKO’s cybersecurity posture and develop, document, and implement remedies to close those gaps.
• Partners with TKO vendors and the Cybersecurity team as it relates to emerging threat intelligence.
• Manages and contains information security incidents and events to protect critical assets, intellectual property, related data, and the company’s reputation.
• Maintains security focused programs to ensure the organization is prepared to detect, respond, and recover from a cyber-attack.
• Promotes best practices, implements, and maintains critical security controls, supporting processes and procedures.
• Provides mentorship, advice, and skill enhancement to junior team members.
• Aligns closely with TKO’s Cybersecurity Engineering, Operations, and Architecture teams and is a frequent collaborator across TKO’s IT Infrastructure and Service Delivery organizations.
• Liaise with other technical and business teams regarding secure architecture, management, and monitoring events to ensure threat indicators are rated by severity and responded to in a manner consistent with the threat.
• Develops and maintains Key Performance Indicators (KPIs) and metrics, providing weekly and monthly reports for VP, Cybersecurity for various internal audiences, including senior IT leaders, BU leadership, and senior company management.

IV. Qualifications:

• Education: 4-year degree in computer science or related combined work/education experience.
• Experience: Minimum 2 years relevant work experience in the field of cybersecurity.
• Certifications: Microsoft, ISC2, CompTIA, or other certifications preferred.

VI. Knowledge, Skills, and Abilities:

• Experience working with an organization’s Security Operations Center (SOC) and/or experience and oversight of a Managed Security Service Provider (MSSP).
• Experience in event analysis, using log sources and packet capture technologies and techniques.
• Experience investigating and responding to various types of cybersecurity alerts.
• Experience with Supply Chain risk and third-party risk management.
• Strong hands-on experience in related cybersecurity technologies and tools, including but not limited to endpoint protection products (EDR, Anti-virus, etc.,) email and web protection tools, security incident and event management (SIEM) / security orchestration, automation, and response (SOAR) tools, and more.
• Experience in security-related programs, including but not limited to vulnerability and patch management, application security, internet of things (IoT) security, and mobile security.
• Knowledge of or hands-on experience in secure configuration management and system hardening.
• Experience in computer forensics and cyber incident investigations is a plus.
• Strong knowledge of TCP/IP, DNS, NAT, and the OSI Model.
• Experience with NIST Controls, the NIST Cyber Security Framework (CSF), and ISO/IEC 27000 series frameworks.
• Ability to analyze complex information and identify key and relevant points, including communicating the business impact of cybersecurity events in a relevant and easy-to-understand manner.
• Strong verbal and written communication skills.
• Ability to exercise discretion when handling sensitive information.
• Ability to remain calm in and bring calm to stressful situations, particularly incident response.
• Solid foundational understanding of geopolitical issues with cybersecurity implications and how they may apply to TKO’s businesses.