SOC Analyst

Job Description:

Job Summary:

UK/EMEA- SOC Analyst (P-2)

UK (0800 AM - 1600 PM GMT)/EMEA (0900 AM - 1700 CET)

Live Nation Entertainment - Cybersecurity Security Operations

About Us

Live Nation Entertainment is the world's largest live entertainment company, composed of global market leaders: Ticketmaster, Live Nation Concerts, and Live Nation Media & Sponsorship. With 550 million fans and operations in over 40 countries, our security mission is to ensure those experiences remain uninterrupted and safe. The Detection and Response Team (DART) plays a key role in maintaining that trust, security, and resilience.

Job Purpose

As a UK/EMEA SOC Analyst, you will serve on the frontline, helping guide real-time incident response and contributing to improve team capabilities. This role will be responsible for monitoring, triaging, and investigating cybersecurity threats within the organization's network and environments.

Key Responsibilities

* Participate in security operations shift activities to ensure effective detection triage and investigation.
* Continuously monitor security systems and tools for suspicious activities and potential security incidents.
* Document security incidents and provide recommendations for security improvements.
* Participate as an investigator in incident response scenarios.
* Promote a culture of collaboration, accountability, and continuous improvement across shifts.
* Contribute to the creation and refinement of playbooks and operational procedures.

Security Operations Activities

* Monitor and triage security alerts using SIEM, EDR, and NDR platforms.
* Perform in-depth investigations into potential threats, applying TTP-based analysis and leveraging internal tools.
* Collaborate with business units and technical teams during incident response to gather context and execute containment or remediation.
* Support in the creation of documentation and recommendations post-incident reviews and incident reports.
* Participate in tuning detection content and use-case development in partnership with threat detection teams.

Required Qualifications

* Bachelor's degree (or higher) in Cybersecurity, Information Security, Computer Science, Information Technology, or a related field.
* Experience with SIEM, EDR, NDR, and DFIR toolsets.
* In-depth understanding of attacker TTPs (MITRE ATT&CK) and strong investigative mindset.
* Experience responding to incidents in cloud environments (AWS, Azure, GCP).
* Excellent written and verbal communication skills, especially in cross-functional and high-pressure scenarios.
* Ability to guide and inspire analysts of varying experience levels.

Preferred Certifications

* One of the following (or equivalent experience):
* GIAC Security Expert (GSE)
* GIAC Certified Incident Handler (GCIH)
* GIAC Certified Intrusion Analyst (GCIA)
* GIAC Certified Incident Handler (GCIH)
* GIAC Certified Intrusion Analyst (GCIA)
* CompTIA Cybersecurity Analyst (CySA+)
* Microsoft Certified: Cybersecurity Architect Expert or AWS Certified Security
* CompTIA Security Plus (Sec +)

Additional Expectations

* Participate in a 24/7 on-call rotation.
* Demonstrate flexibility and ownership during incidents and surge periods.
* Collaborate closely with the SOC managers on planning, capacity tracking, and continuous team/process improvement