Job description

TKO Group Holdings, Inc. (NYSE: TKO) is a premium sports and entertainment company. TKO owns iconic properties including UFC, the world’s premier mixed martial arts organization; WWE, the global leader in sports entertainment; and PBR, the world’s premier bull riding organization. Together, these properties reach 210 countries and territories and organize more than 500 live events year-round, attracting more than three million fans. TKO also services and partners with major sports rights holders through IMG, an industry-leading global sports marketing agency; and On Location, a global leader in premium experiential hospitality. Job Description • TKO is seeking a Senior Security Engineer to lead the selection, design, implementation, and operation of security solutions for our technology environment. Reporting to the SVP of Cybersecurity, this role will integrate security controls into business processes to ensure data security, compliance, integrity, and availability. You will drive the effective development and adoption of solutions, supporting cybersecurity engineering efforts to mitigate risks across our global organization. • The TKO Cybersecurity team is committed to identifying, evaluating, and mitigating threats, vulnerabilities, and risks within our business processes, technology supply chain, and behaviors. Our focus is to protect Endeavor’s business operations while fostering top-line growth across our lines of business, alongside our technology, compliance, and legal teams. • You are a seasoned cybersecurity and risk management professional with a solid understanding of enterprise engineering and supporting principles. You are a subject matter expert with experience working with both technical and non-technical business leaders, adopting a client-services approach. You have a consultant mindset, collaborating with partners across various functions and seniorities to embed yourself within the business units. You can recognize unique threats and efficiency opportunities across diverse business models, revenue streams, and data sources within our complex corporate structure. Responsibilities • Design and Implement Security Solutions: Engineer and support the full lifecycle of security solutions within Endeavor’s networks (both on-premise and in the cloud). • Consult on Operational Efficiency: Advise management on operational improvements to enhance security capabilities and reduce delivery costs. • Create Robust Security Controls: Develop and maintain security controls for agile deployments, including both traditional infrastructure and continuous deployment methods in a high-capacity, multi-tiered infrastructure. • Develop Security Frameworks: Build a library of architectural patterns to optimize time-to-solution for security throughout a solution’s lifecycle, covering technology, business processes, operating costs, assurance, and skills development. • Drive Assurance Programs: Develop and sustain a metrics-driven software assurance program, incorporating education, business processes, tools, and policies to enhance the security and monitoring of the firm. • Lead Incident Response Efforts: Contribute to the Incident Response Process as a senior member of the Cybersecurity team, collaborating with Compliance, Legal, and HR teams. • Support Security Operations for Escalations: Act as an escalation point for complex or high-severity security operations issues, collaborating with relevant teams to resolve incidents quickly and effectively. • Support an On-Call Schedule: Participate in a shared on-call rotation with other Cyber Ops team members, ensuring 24/7 coverage for critical security issues. • Innovate and Strategize: Provide innovative thinking and strategic planning on best practices, cost management, emerging technologies, and potential product/service offerings. BASIC QUALIFICATIONS • Proven Experience: Over 5 years of experience as a security professional. • Enterprise IT Background: Over 3 years of experience working in high-traffic, public-facing production environments or within a global enterprise IT organization. • Expertise in Engineering Practices: Strong experience in enterprise engineering, supporting principles, and lifecycle management. • Hands-On Security Expertise: Senior-level, hands-on experience in security engineering and support. • Advanced Security Knowledge: In-depth knowledge of host- and network-based intrusion prevention and response, anti-malware solutions, SIEM, Azure/AWS threat and log monitoring, and authentication/role-based identity management solutions. • Proficient in Risk Management: Experience with vulnerability management and mitigations, including patch management and system hardening. • Skilled in Threat Hunting: Expertise in threat hunting, with the ability to document operating procedures and create playbooks. • Familiarity with Security Protocols: Working knowledge of IPSec VPN, SSL, MFA/2FA, firewall policies, and PKI. • Industry Certifications: CISSP certification or equivalent required. PREFERRED QUALIFICATIONS • Leadership Skills: Leadership or team lead experience is a plus. • Network Expertise: Strong understanding of LAN/WAN communications and network hardware, particularly Cisco routers, switches, and firewalls. • Programming Skills: Development experience in scripting languages such as Python, Bash, or PowerShell is a plus. • Security Standards Knowledge: In-depth understanding of the OWASP Top 10 and PCI secure coding principles, with the ability to advise on mitigation strategies across architecture, systems engineering, operations, and development.

Requirements