Senior Analyst, Cyber Security GRC; Penetration Tester

Position: Senior Analyst, Cyber Security GRC (Penetration Tester)
Location: California

Job Summary:

Live Nation Entertainment is the world’s leading live entertainment company, comprised of global market leaders:
Ticketmaster, Live Nation Concerts, and Live Nation Media & Sponsorship. Ticketmaster is the global leader in event ticketing with over 620 million tickets sold annually and approximately 10,000 clients worldwide.  Live Nation Concerts is the largest provider of live entertainment in the world promoting more than 50,000 events annually for nearly 7,000 artists in 40+ countries. These businesses allow Live Nation Media & Sponsorship to create strategic music marketing programs that connect more than 1,200 sponsors with the 145 million fans that attend Live Nation Entertainment events each year.

For additional information, visit .Passionate and motivated. Driven, with an entrepreneurial spirit. Resourceful, innovative, forward thinking and committed. At Live Nation Entertainment, our people embrace these qualities, so if this sounds like you then please read on!
** THE ROLE
** The Senior Penetration Tester operates as an independent technical contributor within the Cybersecurity Operations team. This role performs complex penetration tests across both Application and Infrastructure environments, leads smaller engagements, and mentors junior testers. The Senior Tester is proficient in source code analysis, cloud testing, and advanced attack simulations. They contribute to the continuous improvement of methodologies, toolsets, and internal playbooks while collaborating with other security and engineering teams to improve the organization’s security posture.##

WHAT THIS ROLE WILL DO
* Plan, execute, and report on penetration tests of web, API, mobile, and infrastructure systems independently.
* Perform source code analysis to identify and validate application vulnerabilities.
* Develop custom scripts or proof-of-concept exploits to demonstrate impact of vulnerabilities.
* Perform post-exploitation analysis and validate detections using tools such as Crowd Strike Falcon.
* Collaborate with development and operations teams to guide remediation and conduct retests.
* Contribute to internal methodologies and documentation to improve testing consistency.
* Mentor junior penetration testers and share best practices across the team.
* Participate in red team and adversary simulation exercises to assess overall defense capabilities.
** WHAT THIS PERSON WILL BRING
*** Bachelor’s degree in Cybersecurity, Computer Science, or related technical field.
* 3+ years of experience in penetration testing, red teaming, or vulnerability research.
* Experience performing both application and infrastructure testing, including cloud and hybrid environments.
* Proficient with static and dynamic analysis tools, scripting, and exploit development.
* Certifications such as OSCP, GPEN, or equivalent technical credentials
* Experience with Dev Sec Ops  pipelines, CI/CD testing integration, or API fuzzing preferred
* Knowledge of compliance frameworks (PCI DSS, ISO 27001, CIS 18, NIST) preferred
* Experience validating security controls via EDR tools such as Crowd Strike Falcon or Sentinel One preferred
* Prior experience mentoring or leading technical exercises preferred
** Technical Competencies
*** Proficiency with tools including Burp Suite Pro, Nmap, Nessus, Metasploit, Blood Hound, and Crowd Strike Falcon.
* Experience conducting web, API, cloud, and infrastructure penetration testing.
* Strong understanding of authentication mechanisms, encryption, and secure software design principles.
* Intermediate to advanced ability in scripting languages such as Python, Power Shell, or Bash.
* Ability to perform static and dynamic source code analysis.
** Leadership and Strategic Skills
*** Strong written and verbal communication skills to explain complex vulnerabilities to both technical and non-technical audiences.
* Ability to mentor and guide junior team members on testing methodology and report quality.
* Effectively collaborates across App Sec, Infra Sec, and development teams.
** Task Autonomy and Responsibility
*** Operates independently on complex engagements with minimal supervision.
* Capable of scoping and defining…