Security Analyst II
- We're taking autonomous search mainstream, making product discovery more intuitive and conversational for customers, and more profitable for businesses.
- We’re making conversational shopping a reality, connecting every shopper with tailored guidance and product expertise — available on demand, at every touchpoint in their journey.
- We're designing the future of autonomous marketing, taking the work out of workflows, and reclaiming the creative, strategic, and customer-first work marketers were always meant to do.
We are looking for a Security Analyst to join the Bloomreach GIST (Global Information Security & Technology) team to help protect our environment from threats, vulnerabilities, and sophisticated attackers. Your work will have a significant impact on numerous customers across various e-commerce verticals and hundreds of millions of online users. As a core member of our globally distributed 24/7 Security Operations Team, you are expected to work from one of our India offices (Bengaluru) or from home. This role is ideal for someone who has built a solid foundation in security operations and is ready to take the next step — owning more complex work, developing specialised skills, and contributing more meaningfully to the team's detection and response mission.
Your job will be (but not limited to)
- To monitor, analyze & interpret security/system/application/infrastructure logs for events, configuration irregularities & potential incidents
- To leverage security tools, custom built dashboards and/or proactive identification approaches to detect anomalous activities
- Monitoring Cloud infrastructure for security-related events
- Monitoring threat/vulnerability landscape and security advisories, coordinate and escalate as appropriate
- Collaborate with Product Security, Infrastructure Security, and GRC teams on cross-functional investigations and audit-related tasks as needed.
- Work with application security teams, product specialists, GRC, and legal teams on active incidents and/or investigations
- To participate in major incident calls and document incident report summaries
- To document, follow and execute standard operating procedures (SOPs)
- Documenting/Managing/maintaining & following use cases, playbooks and/or knowledge base articles
- To work on security-related incidents and requests
- Develop and maintain security detection use cases and alerts within SIEM platforms
- Design and implement automation workflows using SOAR or similar security orchestration tools
- Working knowledge of AI/LLM tools (e.g., Gemini, ChatGPT, Claude) and their application in security operations. Understanding of authentication mechanisms, including private/public key concepts, familiarity with command-line interfaces (CLI), IDE-based tools, and agent-based workflows. Awareness of API usage, token management, and secure handling of credentials
- Owning responsibilities within a shift with a positive mindset towards growth & upskilling
- Engaging & escalating issues as necessary
Professional experience, skills & requirements
- 3+ years of hands-on experience as part of a 24/7 Security Operations team or Cyber Fusion Center team supporting at least one of the following:
- SaaS platform Security
- Cloud Security
- API/Container Security
- Threat Intel/Hunting, Vulnerability Management
- Hands-on experience with and deep knowledge of SIEM (Splunk preferred), SOAR, and EDR (modules like TI, VM, DLP)
- Hands-on experience using any of the CSPM tools (SentinelOne, Falcon Horizon, Wiz, Sysdig, Prisma Cloud, MS Defender)
- Hands-on experience assessing, interpreting & managing vulnerabilities using relevant tools (CS Spotlight, QualysGuard, Rapid7)
- Hands-on experience with either AWS or GCP is a must
- Should possess positive attitude to participate, own & drive tasks for POCs for various tools
- Understanding of risk frameworks
- Ability to assess emerging trends & threats in cyber security space
- Should possess good analytical, problem-solving, and interpersonal skills. Should be able to apply & provide logical reasoning
- Knowledge of NIST framework, OSINT standards, MITRE ATT&CK framework & cybersecurity incident lifecycle
- Knowledge of network protocols, operating systems (Linux, macOS, Windows), and security fundamentals.
- Mandatory to work in a 24/7 rotation shift & weekends
- Excellent command of English communication as a good listener, speaker & reader
- You have had working experience in a global team or can understand dialects from various parts of the world
- Basic scripting skills (Python, Bash, or PowerShell) for automating repetitive tasks.
- Growing independence in handling security events — able to work through moderate issues with some guidance, applying best practices and established procedures.
- Strong analytical thinking and attention to detail, with a developing ability to connect findings across data sources during investigations.
- Good written and verbal communication skills — able to document investigations clearly and provide accurate status updates.
- Curious and eager to learn — actively seeks out new knowledge about threats, tools, and techniques.
- Team-oriented with a collaborative, low-drama approach to working with colleagues across functions and time zones.
- Proactive mindset — takes initiative to improve personal skills and contribute to the team's knowledge and processes
- Entry-level or intermediate security certifications (e.g., CompTIA Security+, CySA+, GSEC, or equivalent).
- Previous experience in a SaaS, e-commerce, or technology company
Your success story will be:
In the first 30 days you will
- Understand the roles & responsibilities of SOC team, in-scope vs out of scope tasks
- Read & understand SOPs, Policies & working procedures of the team
- Shadow peers in day-to-day work, look over tickets, alerts, and incidents, and understand the current state of ongoing projects/enhancements
- Understand the team's incident response procedures, escalation paths, and shift structure. Begin handling lower-severity alerts and incidents under guidance from senior analysts
In the next 30 days you will (60 days from start)
- Start owning incidents, tasks as independent contributor with a peer shadowing you
- Participate in incident related calls, cross team/department meetings
- Handle SIEM/SOAR/EDR events. Demonstrate consistent adherence to SOPs and ticket hygiene standards. Contribute at least one update or improvement to a runbook, playbook, or knowledge base article based on hands-on experience
In the next 30 days you will (90 days from start)
- You will start documenting or tweaking existing SOPs and process documents
- You will bear responsibilities of representing team in forums/meetings/discussions
- You will start managing shift alone when needed
- You will adapt yourself to the service improvement mindset and contribute to the overall success of the team. Show measurable growth in investigation quality, speed, and documentation. Begin developing a specialisation area (e.g., cloud security monitoring, detection engineering, threat intelligence) aligned with team needs and personal development goals
More things you'll like about Bloomreach:
Culture:
- A great deal of freedom and trust. At Bloomreach we don’t clock in and out, and we have neither corporate rules nor long approval processes. This freedom goes hand in hand with responsibility. We are interested in results from day one.
- We have defined our 5 values and the 10 underlying key behaviors that we strongly believe in. We can only succeed if everyone lives these behaviors day to day. We've embedded them in our processes like recruitment, onboarding, feedback, personal development, performance review and internal communication.
- We believe in flexible working hours to accommodate your working style.
- We work virtual-first with several Bloomreach Hubs available across three continents.
- We organize company events to experience the global spirit of the company and get excited about what's ahead.
- We encourage and support our employees to engage in volunteering activities - every Bloomreacher can take 5 paid days off to volunteer*.
- The Bloomreach Glassdoor page elaborates on our stellar 4.4/5 rating. The Bloomreach Comparably page Culture score is even higher at 4.9/5.
Personal Development:
- We have a People Development Program -- participating in personal development workshops on various topics run by experts from inside the company. We are continuously developing & updating competency maps for select functions.
- Our resident communication coach Ivo Večeřa is available to help navigate work-related communications & decision-making challenges.*
- Our managers are strongly encouraged to participate in the Leader Development Program to develop in the areas we consider essential for any leader. The program includes regular comprehensive feedback, consultations with a coach and follow-up check-ins.
- Bloomreachers utilize the $1,500 professional education budget on an annual basis to purchase education products (books, courses, certifications, etc.)*
Well-being:
- The Employee Assistance Program -- with counselors -- is available for non-work-related challenges.*
- Subscription to Calm - sleep and meditation app.*
- We organize ‘DisConnect’ days where Bloomreachers globally enjoy one additional day off each quarter, allowing us to unwind together and focus on activities away from the screen with our loved ones.
- We facilitate sports, yoga, and meditation opportunities for each other.
- Extended parental leave up to 26 calendar weeks for Primary Caregivers.*
Compensation:
- Restricted Stock Units or Stock Options are granted depending on a team member’s role, seniority, and location.*
- Everyone gets to participate in the company's success through the company performance bonus.*
- We offer an employee referral bonus of up to $3,000 paid out immediately after the new hire starts.
- We reward & celebrate work anniversaries -- Bloomversaries!*
(*Subject to employment type. Interns are exempt from marked benefits, usually for the first 6 months.)
Excited? Join us and transform the future of commerce experiences!
If this position doesn't suit you, but you know someone who might be a great fit, share it - we will be very grateful!
Any unsolicited resumes/candidate profiles submitted through our website or to personal email accounts of employees of Bloomreach are considered property of Bloomreach and are not subject to payment of agency fees.