Posted on Nov 21, 2018 by National Basketball Association
As a global sports and media business, the NBA is so much more. While Basketball Operations runs the league's on-court activities, other departments manage relationships with television and digital media partners, develop marketing partnerships with some of the world's most recognizable companies, oversee the licensing of NBA merchandise, and handle a wide range of responsibilities that drive the NBA's success.
The NBA is a global sports and media business built around three professional sports leagues: the National Basketball Association, the Women's National Basketball Association, and the NBA G League. Named as one of the top 10 most Innovative Companies by FastCompany, the NBA continues to grow rapidly in popularity and scale across the globe - and technology is a key ingredient in supporting our ambitious goals. The league has established a major international presence with games and programming in 215 countries and territories in 49 languages, and NBA merchandise for sale in more than 125,000 stores in 100 countries on 6 continents.
NBA Digital's assets include NBA TV, NBA.com, NBA App and NBA LEAGUE PASS.
- Manage and coordinate operational components of incident management, including detection, response and reporting.
- Manage production issues and incidents, and participate in security investigations.
- Provides second- and third-level support and analysis during and after a Cybersecurity incident.
- Acts as a liaison between incident response leads and other functional subject matter experts
- Monitor system logs, SIEM tools and network traffic for unusual or suspicious activity. Interpret such activity and make recommendations for resolution.
- Investigate and resolve security violations by providing postmortem analysis to illuminate the issues and possible solutions.
- Design, coordinate and perform security testing to verify the security of systems, networks and applications, and manage the remediation of identified risks.
- Define security control requirements for the web environment and related infrastructure services to ensure that access to information, application functions, storage, networks, and data processing systems are adequately safeguarded
- Perform application security testing to identify cyber risks for applications belonging to NBA League office and the teams
- Perform penetration testing of applications and networks
- Maintain current and establish new reporting methods of Cybersecurity intelligence analysis; deliver situational awareness and making cyber intelligence actionable.
- Automate security threat monitoring to collect and generate cyber intelligence to uncover attacks not detected with traditional signature or rule based methods.
- Administer Cybersecurity intelligence process to ensure security threat information, system log information, and sources of external intelligence are combined to provide real time response to cyber events.
- Develops Cybersecurity processes and procedures, and support service-level agreements (SLAs) to ensure that security controls are managed and maintained.
- Define executive reporting strategies and maintain metrics that effectively communicate successes and progress of the security program.
- Possess the ability to weigh business risks and ensure compliance with appropriate Cybersecurity measures.
- Possess a high energy level and strong work ethic with a commitment to continuous improvement in a dynamic and changing environment that strives to exceed expectations.
- Experience with the tools used in Cybersecurity event analysis, incident response, and computer forensics.
- Experience in application technology security testing
- Experience in vulnerability scanning and penetration testing
- Experience with security related technologies / tools covering Cyber Threat Intelligence, Security Information Event Management, Cyber Incident Response and Application Security
- Outstanding interpersonal and communication skills
- Ability to manage multiple priorities and deal effectively with the senior management, staff members, and vendors.
- Ability to exercise discretion and use independent judgment in making decisions and work with minimal functional guidance.
- Must possess a high degree of integrity and trust along with the ability to work independently
- Excellent written and verbal communication skills
- Must have the ability to quickly master, simplify, and communicate the value proposition of complex subjects to stakeholders.
- Working experience with Linux/Unix and Windows operating systems and administrative tools
- Understanding of security controls for common platforms and devices, including Windows, Unix, Linux, and network equipment
- Knowledge of NIST 800-53, COBIT, ISO 27001/02
- Ability to travel up to 20%
Educational Background Required
- Bachelor's degree in Computer Science, Information Systems or a technically related discipline
- 5+ years of experience in the Cybersecurity area
- Professional security certification, such as a Certified Information Systems Security Professional (CISSP) or another relevant industry certification such as GIAC.
We Consider Applicants For All Positions On The Basis Of Merit, Qualifications And Business Needs, And Without Regard To Race, Color, National Origin, Religion, Sex, Gender Identity, Age, Disability, Alienage Or Citizenship Status, Ancestry, Marital Status, Creed, Genetic Predisposition Or Carrier Status, Sexual Orientation, Veteran Status, Familial Status, Status As A Victim Of Domestic Violence Or Any Other Status Or Characteristic Protected By Applicable Federal, State, Or Local Law.
Nearest Major Market: New York City
Nearest Secondary Market: Newark
Job Segment: Information Systems, Computer Science, Linux, Unix, Compliance, Technology, Legal