WHAT WE WANT

FriendFinder Networks is looking for a Security Analyst to be responsible for monitoring, detecting, and responding to security events, incidents and threats.  He/she will ensure security risks are analyzed and triaged. They will help improve the security posture of the organization by implementing best practices and controls to prevent or mitigate security risks and exposures.  They will report on compliance levels, identifying non-compliance issues and security vulnerabilities, and manage remediation activities. Your contributions ensure FriendFinder Networks will continue to provide our customers with a secure and enjoyable user experience.

WHAT YOU WILL DO

• Will be first-line responder for detecting and investigating security events, incidents, or other anomalous activities
• Triage security related alerts and anomalies
• Improve efficiency and effectiveness of the SOC to monitor and respond to security events
• Provide input on current security threats, tools, and detection techniques
• Improve the overall Information Security Program by contributing your deep understanding of cyber security
• Assist others with understanding and implementing security policy objectives in ways that are cost effective, and align with business objectives
• Support Incident Response activities, including, but not limited to: managing response tasks and updating of Incident Management tracking system, providing timely and accurate status updates of ongoing activities to incident response stakeholders
• Maintain and improve documentation for Information Security standards and procedures
• Analyze a variety of network and host-based logs to assist with security investigations.
• Will proactively hunt the network to identify security risks
• Recommend and/or implement security controls and countermeasures to prevent or mitigate various security risks
• Maintain dashboards and collect metrics and reports on vulnerability findings and remediation compliance

WHAT YOU MUST HAVE

• BA/BS in Computer Science or equivalent experience
• Minimum 3 years’ of experience in information security
• Expert level proficiency in Machine Data Analytics using Sumologic, Splunk or ELK
• System administration experience (Windows and Unix), network administration experience, and/or application development experience
• Experience with intrusion detection/prevention systems
• Deep knowledge of SIEM solutions, including daily use and writing alert rules
• Experience working in a security operations center capacity, which includes computer security incident monitoring and response activities
• Experience with generally accepted information security practices, such as ISO 27001, OWASP, NIST
• One or more information security certifications (i.e. CISSP, GSEC, GCIA, GCIH, GCFA, OSCP, etc.)
• You must be able to work 10:00AM to 6:00PM Pacific Standard Time regardless of where you live
• You must be at least 21 years old or older
• You must be comfortable with adult content

WHAT IS PREFERABLE TO HAVE

• In-depth experience with vulnerability assessment tools (Nessus, Nexpose, Metasploit, Qualys, nmap, Burp Suite, Retina, etc.) as well as manual techniques
• Hands-on experience in tools and processes used in security event and incident detection and protection (i.e. antivirus, IDS/IPS, SIEM, etc.)
• Thorough understanding of well-known protocols (HTTP, SSH, FTP, LDAP, etc)
• In-depth network analysis (pcap), core forensic familiarity, and incident response skills
• Knowledge of information security industry and regulatory obligations (PCI DSS, SOC1/2, ISO 27000-series, NIST Framework, etc.)
• Proficiency in one or more coding languages (i.e. Python, Ruby, Perl, Bash etc.)

WHAT YOU SHOULD BE ABLE TO DEMONSTRATE

• Exceptional communication and advocacy skills, both verbal and written; able to express complex technical issues in an easily understood manner
• Solid track record of ownership of projects and adept at working independently with little supervision
• Ability to protect all forms of highly confidential and proprietary business information and ability to maintain the highest standards of privacy and security
• Well organized; able to handle multiple projects simultaneously and meet strict deadlines
• Ability to follow and abide by all information and security policies and practices
• Able to work on an as needed basis during critical times

REPORTING TO THIS POSITION:  No direct reports

PERKS

FriendFinder Networks Inc. and its subsidiaries offer a business casual work environment, flexible work hours, and a competitive salary. The benefits package includes:

• 401(k) with a 6% match on eligible earnings with no vesting period
• Medical (Kaiser HMO, Blue Cross PPO), Dental, and Vision
• Flexible Spending Account for Healthcare and Dependent Care
• Life Insurance, AD&D, LTD and Short and Long Term Disability
• Paid Time Off (20 days PTO) and Holiday Pay (12 company paid holidays off)
• Employee Assistance Program
• Tuition Reimbursement
• Health Club Reimbursement
• Tattoo Friendly
• LGBTQ Friendly

WORKING WITH US

WE ARE PASSIONATE ABOUT WHAT WE DO

Not only do we love what we do, but we truly believe in it. We grow through positive education, skill training, courses, big stories, and big dreams. We are constantly improving and striving for perfection to revolutionize and enhance the lives of our members.

WE CARE ABOUT PEOPLE

The main precondition of any relationship is the ability to put ourselves in someone else’s shoes to truly understand them. Satisfied customers, employees, and business partners are not just a cog in the wheel, but the main ingredient of the company’s success.

WE EMBRACE DIVERSITY IN ALL FORMS

FriendFinder Networks has embraced diversity from the beginning of its history dating back to the mid 1990s. We created the first online personals sites for gays and lesbians, for non-English-speaking audiences, and for those who enjoy what was once called “alternative lifestyles”. Headquartered in San Francisco / Silicon Valley and staffed throughout the world, our team also relies on diversity of background, perspectives, and ideas.

Salary Range DOE: $110,000 to $125,000