Creative Artists Agency (CAA) is a leading entertainment and sports agency, with global expertise in filmed and live entertainment, digital media, publishing, sponsorship sales and endorsements, media finance, consumer investing, fashion, brand management and consumer product licensing, and philanthropy. Distinguished by its culture of collaboration and exceptional client service, CAA’s diverse workforce identifies, innovates, and amplifies opportunities for the people and organizations that shape culture and inspire the world. The trailblazer of

business, CAA was the first to build a sports business, create an investment bank, launch a venture fund, found technology start-up companies, establish a philanthropic arm, build a business in China, form brand marketing services division, and launch a family office advisory practice, among other innovations. Named Most Valuable Sports Agency by Forbes for 10 consecutive years, CAA represents more than 3,000 of the world’s top athletes in football, baseball, basketball, hockey, and soccer, in addition to coaches, on-air broadcasters, and sports personalities and works in the areas of property sales and sponsorships, media advisory, brand consulting, venue development and strategic advisory, and executive search. Founded in 1975, CAA is headquartered in Los Angeles, and has offices in New York, London, Nashville, Munich, Shanghai, Beijing, Chicago, Washington, D.C., Singapore, Toronto, Denver, Charlotte, Jacksonville, and Atlanta, among other locations globally. For more information, please visit www.caa.com.

This is a hands-on security position working within the Information Security group and with the internal IT department.

This position’s core focus is to ensure consistent, measurable end-to-end delivery of security services.

The successful candidate will work to develop and deploy capabilities, ensuring enterprise systems and data are protected with the security controls and tools required to meet policy and compliance requirements.

We are looking for candidates who have a passion for cyber security, threat detection, risk mitigation, and response.

You will be a key part of our efforts to build and support a defensible environment where we are able to detect, contain and respond quickly to threats and compromise in ways that serve to enable the business needs of a highly collaborative organisation. The environment is fast-paced and commonly on the leading edge of technology, including early adoption of various cloud services along with the challenges of integrating those services into our security practice.

to include: Define and evolve security tooling aligned to cybersecurity architecture and risk objectives Evaluate new and emerging threats against existing security controls; ensuring controls remain effective to meet business objectives Translate threat intelligence and risk assessments into engineering roadmaps Review the designs of proposed major applications and upgrades for compliance with security architecture; deliver cross team security integration capabilities Play an active role in CAA’s security incident response efforts, working to identify and mitigate information security threats

At least 10 years in Information Technology, ideally with a mixed focus on infrastructure and development projects and services At least 2 years’ • experience in information security A bachelor’s or master’s Degree in a relevant field of work Experience scripting in at least one of the following languages: PowerShell, Python, JavaScript Experience supporting the implementation and operation of security tooling in the following areas: Zero Trust Access and Network Segmentation, Public Key Infrastructure (public and private), Endpoint and Workload Protection, Web Application Firewalls, Secure Email Gateways and Filters, Cloud Security, Secure DNS Large-scale SIEM or security data lake implementations A • strong understanding of the fundamental operations of servers, operating systems, networks, cloud services, and infrastructure An expert understanding of the key controls required for secure operation of these systems Experience working in an Azure environment and/or strong knowledge of the Azure cloud environment Demonstrated an organized and methodical approach to making improvements on past organizations security programs. Has designed and maintained controls to support the secure delivery of applications through continuous development and continuous integration processes Has built and managed frameworks to test and validate the effective operation of security controls; measuring the ability to stop threats and attacks at the earliest point in the kill chain Background working within or implementing a secure development lifecycle Please ensure you provide complete and legible information in your application. An incomplete application may affect your consideration for employment.