• Lead end-to-end incident response for security incidents including fraud, abuse, and platform vulnerabilities • Drive root cause analysis leading to permanent, system-level fixes • Design and implement guardrails to prevent misuse and abuse within the platform • Embed security into product and engineering workflows • Prioritise risks based on real-world impact • Drive vulnerability management and pentesting, focusing on exploitability and business impact • Collaborate with Product, Engineering, and GRC teams to ensure practical and effective security

Role Description We are looking for a Security Analyst to join the Bloomreach GIST (Global Information Security & Technology) team to help protect our environment from threats, vulnerabilities, and sophisticated attackers. Your work will have a significant impact on numerous customers across various e-commerce verticals and hundreds of millions of online users. As a core member of our globally distributed 24/7 Security Operations Team, you are expected to work from one of our India offices (Bengaluru) or from home. This role is ideal for someone who has built a solid foundation in security operations and is ready to take the next step — owning more complex work, developing specialised skills, and contributing more meaningfully to the team's detection and response mission. Your job will be (but not limited to): - Monitor, analyze & interpret security/system/application/infrastructure logs for events, configuration irregularities & potential incidents. - Leverage security tools, custom built dashboards and/or proactive identification approaches to detect anomalous activities. - Monitor Cloud infrastructure for security-related events. - Monitor threat/vulnerability landscape and security advisories, coordinate and escalate as appropriate. - Collaborate with Product Security, Infrastructure Security, and GRC teams on cross-functional investigations and audit-related tasks as needed. - Work with application security teams, product specialists, GRC, and legal teams on active incidents and/or investigations. - Participate in a major incident call, document incident report summaries. - Document, follow and execute standard operating procedures (SOPs). - Documenting/Managing/maintaining & following use cases, playbooks and/or knowledge base articles. - Work on incidents, requests related to security. - Develop and maintain security detection use cases and alerts within SIEM platforms. - Design and implement automation workflows using SOAR or similar security orchestration tools. - Working knowledge of AI/LLM tools (e.g., Gemini, ChatGPT, Claude) and their application in security operations. - Understanding of authentication mechanisms, including private/public key concepts, familiarity with command-line interfaces (CLI), IDE-based tools, and agent-based workflows. - Awareness of API usage, token management, and secure handling of credentials. - Own responsibilities within a shift with a positive mindset towards growth & upskilling. - Engage & escalate issues as necessary. Qualifications - 3+ years of hands-on experience as part of a 24/7 Security Operations team or Cyber Fusion Center team supporting any one of the following as minimum: SaaS platform Security, Cloud Security, API/Container Security, Threat Intel/Hunting, Vulnerability Management. - Hands-on experience and deep knowledge on usage of SIEM (Splunk preferred), SOAR, EDR (modules like TI, VM, DLP). - Hands-on experience in using any of CSPM tools (SentinelOne, Falcon Horizon, Wiz, Sysdig, Prisma cloud, MS Defender). - Hands-on experience assessing, interpreting & managing vulnerabilities using relevant tools (CS Spotlight, QualysGuard, Rapid 7). - Hands-on experience of either AWS or GCP is a must. - Understanding of risk frameworks. - Ability to assess emerging trends & threats in the cyber security space. - Good analytical, problem-solving, and interpersonal skills. - Knowledge of NIST framework, OSINT standards, MITRE ATT&CK framework & cybersecurity incident lifecycle. - Knowledge of network protocols, operating systems (Linux, macOS, Windows), and security fundamentals. - Basic scripting skills (Python, Bash, or PowerShell) for automating repetitive tasks. - Entry-level or intermediate security certifications (e.g., CompTIA Security+, CySA+, GSEC, or equivalent). - Previous experience in a SaaS, e-commerce, or technology company. Requirements - Mandatory to work in a 24/7 rotation shift & weekends. - Possess excellent command on communication in English being a good listener, speaker & reader. - Experience working in a global team or understanding dialects from various parts of the world. - Growing independence in handling security events — able to work through moderate issues with some guidance, applying best practices and established procedures. - Strong analytical thinking and attention to detail, with a developing ability to connect findings across data sources during investigations. - Good written and verbal communication skills — able to document investigations clearly and provide accurate status updates. - Curious and eager to learn — actively seeks out new knowledge about threats, tools, and techniques. - Team-oriented with a collaborative, low-drama approach to working with colleagues across functions and time zones. - Proactive mindset — takes initiative to improve personal skills and contribute to the team's knowledge and processes. Benefits - A great deal of freedom and trust; no corporate rules or long approval processes. - Defined values and behaviors embedded in processes like recruitment, onboarding, feedback, and performance review. - Flexible working hours to accommodate your working style. - Virtual-first work environment with several Bloomreach Hubs available across three continents. - Company events to experience the global spirit of the company. - Support for volunteering activities — every Bloomreacher can take 5 paid days off to volunteer. - Employee Assistance Program with counselors for non-work-related challenges. - Subscription to Calm - sleep and meditation app. - ‘DisConnect’ days where Bloomreachers globally enjoy one additional day off each quarter. - Extended parental leave up to 26 calendar weeks for Primary Caregivers. - Restricted Stock Units or Stock Options based on role, seniority, and location. - Participation in the company's success through the company performance bonus. - Employee referral bonus of up to $3,000 paid out immediately after the new hire starts. - Celebration of work anniversaries — Bloomversaries! Company Description Bloomreach is building the world’s premier agentic platform for personalization. We’re revolutionizing how businesses connect with their customers, building and deploying AI agents to personalize the entire customer journey. We power personalization for more than 1,400 global brands, including American Eagle, Sonepar, and Pandora.

• Monitor, manage, and administer IT Security specific technical control solutions (e.g. Content filtering, IDS/IPS, Firewall, End point protection, etc..) • Monitor and respond to information security issues related to the systems and workflow to ensure security policies and procedures are enforced. • Administer and monitor security profiles, review security violation reports, and investigate possible security exceptions. • Coordinate response to information security incidents. • Collaborate with IT management, legal, compliance and other applicable teams to manage vulnerability exposures. • Assist in the development and implementation of security policies and procedures (e.g., user log-on and authentication rules, security breach escalation procedures, security auditing procedures and use of firewalls and encryption routines). • Create, manage and maintain user security awareness. • Conduct security research in keeping abreast of latest security issues. • Involved in the evaluation of products and/or procedures to enhance productivity and effectiveness.

Coordinate and oversee security, safety, and risk management activities in public spaces. Engage with stakeholders, monitor compliance, and respond to incidents to ensure safe operations during events and high-traffic activities.