Incident Response Analyst

MSG Entertainment Holdings, LLC•New York, NY

4d•$75,000 - $100,000•Onsite

About The Position

Madison Square Garden Entertainment Corp. (MSG Entertainment) is a leader in live entertainment, delivering unforgettable experiences while forging deep connections with diverse and passionate audiences. The Company’s portfolio includes a collection of world-renowned venues – New York’s Madison Square Garden, Infosys Theater at Madison Square Garden, Radio City Music Hall, and Beacon Theatre; and The Chicago Theatre – that showcase a broad array of sporting events, concerts, family shows, and special events for millions of guests annually. In addition, the Company features the original production, the Christmas Spectacular Starring the Radio City Rockettes, which has been a holiday tradition for more than 90 years. More information is available at www.msgentertainment.com. The Incident Response Analyst is responsible for monitoring, investigating, and responding to security alerts and incidents across the organization. This role partners with internal and external teams to contain threats, remediate vulnerabilities, and restore impacted systems in a timely manner. The Incident Response Analyst also supports incident investigations, documents findings, and helps strengthen the organization’s overall security posture. The ideal candidate is an analytical problem solver who communicates effectively and thrives in a collaborative, fast-paced environment.

Requirements

Completed 60 credits of college-level coursework (representing 2 years) or have shown similar self-development through certifications, trade school coursework, etc., are preferred.
1-2 years of experience in information security and/or digital forensics involving investigating and remediating cyber events.
Comprehend current cyber security threats such as spear-phishing campaigns, business email compromises, and back-door Trojan malware.
Experience with Endpoint Detection and Response tools such as Carbon Black, SentinelOne and Microsoft Defender.
Has a basic knowledge of Windows, Mac, and Linux operating systems. iOS and Android mobile devices.
Must have experience dealing with confidential information and tact when working on sensitive investigations
Has a basic knowledge of traditional networking (TCP/IP, DNS, DHCP, etc.) and cloud infrastructure, such as AWS, GCP, and Azure.
Able to document detailed investigations, remediations, and procedure changes.
Communicates effectively with peers, partner teams, and management.
Enjoys thinking analytically and solving problems individually and as a team.
Possesses a passion for learning all things, information security and incident response.

Responsibilities

Responsible for carrying out daily security monitoring and response procedures.
Perform initial incident assessment, evidence gathering, and triage.
Escalate incidents and participate in or lead remediation efforts.
Investigate and remediate security events occurring in email, workstations, firewall and other platforms
Document and report steps taken to resolve security events using information security runbooks and templates
Provide feedback and recommendations for improvement of security controls and response procedures.
Assist with expanding MDR/SIEM capabilities, including log coverage, alert development, and process improvements.
Report weekly metrics to the Information Security Leadership.
Collaborate with the Technology, People Practices, and Legal and Business Affairs departments to build a more secure MSG.
Participate in On-Call rotation to remediate alerts/incidents outside regular business hours.
Assist with managing, analyzing, and remediating phishing emails within our security platform.
Other information security projects/duties as assigned.