Associate Security Analyst

Bloomreach helps businesses personalize the customer experience. It leverages the industry's only real-time customer and product data to train advanced AI, which powers personalized marketing, product discovery, content management, and conversational shopping in a single solution. This AI-driven approach empowers over 1,400 global brands, including Bosch, Puma, and Marks & Spencer, to grow their businesses.With Bloomreach, personalization flows seamlessly across the customer experience. At every point in their journey, customers are connected with the content they want to see and the products they want to buy. Businesses break the limits of ordinary experiences — and drive measurable growth along the way.

Join the Bloomreach GIST (Global Information Security & Technology) team as an Associate Security Analyst and help protect our e-commerce environment from threats, vulnerabilities, and sophisticated attackers. Your work will have a significant impact on numerous customers across various e-commerce verticals and hundreds of millions of online users. As a core member of our globally distributed 24/7 Security Operations Team, you can work full-time from our India offices or from home.

Your job will be (but not limited to)

● To Monitor, analyze & interpret security/system/application/infrastructure logs for events, configuration irregularities & potential incidents
● To leverage security tools, custom built dashboards and/or proactive identification approaches to detect anomalous activities
● Monitoring Cloud infrastructure for security-related events
● Monitoring threat/vulnerability landscape and security advisories, coordinate and escalate as appropriate
●To work with application security teams, product specialists, GRC, legal teams on active incidents and/or investigations
● To participate in a major incident call, document incident report summaries
● To document, follow and execute standard operating procedures (SOPs)
● Documenting/Managing/maintaining & following use cases, playbooks and/or knowledge base articles
● To work on incidents, requests related to security
● Owning responsibilities within a shift with a positive mindset towards growth & upskilling

Professional experience, skills & requirements

● 2+ years of hands on experience as part of a 24*7 Security Operations team OR a starter with equivalent degree/specialization in the area of Cyber Security with a proven project dealing in the new age landscape (SaaS platform Security, SecOps, API/Container Security, Threat Intel/Hunting, Vulnerability Management).
● Hands on experience or deep knowledge on usage of SIEM, SOAR, EDR ( modules like TI, VM, DLP)
● Exposure or experience in using any of CSPM tools (SentinelOne, Falcon Horizon, Wiz,Sysdig,Prisma cloud,MS Defender)
● Exposure or experience in assessing, interpreting & managing vulnerabilities using relevant tools.
● Knowledge of either AWS or GCP is must
● Should possess positive attitude to participate, own & drive tasks for POCs for various tools
● Understanding of risk framework
● Ability to assess emerging trends & threats in cyber security space
● Should possess good analytical, problem-solving, and interpersonal skills. Should be able to apply & provide logical reasoning
● Knowledge of NIST framework, OSINT standards, MITRE ATT&CK framework & cybersecurity incident lifecycle is an advantage. Beginner level of understanding is mandatory
● Mandatory to work in a 24/7 rotation shift & weekends
● Possess excellent command on communication in English being a good listener, speaker & reader 

Your success story will be:

In the first 30 days you will

● Understand the roles & responsibilities of SOC team, in-scope vs out of scope tasks
● Read & understand SOPs, Policies & working procedures of the team
● Shadow peers in day to day work, overlook tickets, alerts, incidents, understand the current state of ongoing projects/enhancements etc

In the next 30 days you will (60 days from start)

● Start owning incidents, tasks as independent contributor with a peer shadowing you
● Participate in incident related calls, cross team/department meetings
● Handle SIEM/SOAR/EDR events

In the next 30 days you will(90 days from start)

● You will start documenting or tweaking existing SOPs, process document
● You will bear responsibilities of representing team in forums/meetings/discussions
● You will start managing shift alone when needed
● You will adapt yourself to service improvement mindset and contribute to overall success of the team

More things you'll like about Bloomreach:

Culture:

• A great deal of freedom and trust. At Bloomreach we don’t clock in and out, and we have neither corporate rules nor long approval processes. This freedom goes hand in hand with responsibility. We are interested in results from day one. 
• We have defined our 5 values and the 10 underlying key behaviors that we strongly believe in. We can only succeed if everyone lives these behaviors day to day. We've embedded them in our processes like recruitment, onboarding, feedback, personal development, performance review and internal communication. 
• We believe in flexible working hours to accommodate your working style.
• We work virtual-first with several Bloomreach Hubs available across three continents.
• We organize company events to experience the global spirit of the company and get excited about what's ahead.
• We encourage and support our employees to engage in volunteering activities - every Bloomreacher can take 5 paid days off to volunteer*.
• The Bloomreach Glassdoor page elaborates on our stellar 4.4/5 rating. The Bloomreach Comparably page Culture score is even higher at 4.9/5

Personal Development:

• We have a People Development Program -- participating in personal development workshops on various topics run by experts from inside the company. We are continuously developing & updating competency maps for select functions.
• Our resident communication coach Ivo Večeřa is available to help navigate work-related communications & decision-making challenges.*
• Our managers are strongly encouraged to participate in the Leader Development Program to develop in the areas we consider essential for any leader. The program includes regular comprehensive feedback, consultations with a coach and follow-up check-ins.
• Bloomreachers utilize the $1,500 professional education budget on an annual basis to purchase education products (books, courses, certifications, etc.)*

Well-being:

• The Employee Assistance Program -- with counselors -- is available for non-work-related challenges.*
• Subscription to Calm - sleep and meditation app.*
• We organize ‘DisConnect’ days where Bloomreachers globally enjoy one additional day off each quarter, allowing us to unwind together and focus on activities away from the screen with our loved ones.
• We facilitate sports, yoga, and meditation opportunities for each other.
• Extended parental leave up to 26 calendar weeks for Primary Caregivers.*

Compensation:

• Restricted Stock Units or Stock Options are granted depending on a team member’s role, seniority, and location.*
• Everyone gets to participate in the company's success through the company performance bonus.*
• We offer an employee referral bonus of up to $3,000 paid out immediately after the new hire starts.
• We reward & celebrate work anniversaries -- Bloomversaries!*

(*Subject to employment type. Interns are exempt from marked benefits, usually for the first 6 months.)

Excited? Join us and transform the future of commerce experiences!

If this position doesn't suit you, but you know someone who might be a great fit, share it - we will be very grateful!

Any unsolicited resumes/candidate profiles submitted through our website or to personal email accounts of employees of Bloomreach are considered property of Bloomreach and are not subject to payment of agency fees.

#LI-Remote