Associate Security Analyst

Bloomreach is building the world’s premier agentic platform for personalization .We’re revolutionizing how businesses connect with their customers, building and deploying AI agents to personalize the entire customer journey. We're taking autonomous search mainstream, making product discovery more intuitive and conversational for customers, and more profitable for businesses. We’re making conversational shopping a reality, connecting every shopper with tailored guidance and product expertise — available on demand, at every touchpoint in their journey. We're designing the future of autonomous marketing , taking the work out of workflows, and reclaiming the creative, strategic, and customer-first work marketers were always meant to do. And we're building all of that on the intelligence of a single AI engine — Loomi AI — so that personalization isn't only autonomous…it's also consistent.From retail to financial services, hospitality to gaming, businesses use Bloomreach to drive higher growth and lasting loyalty. We power personalization for more than 1,400 global brands, including American Eagle, Sonepar, and Pandora. Join the Bloomreach GIST (Global Information Security Technology) team as an Associate Security Analyst and help protect our e-commerce environment from threats, vulnerabilities, and sophisticated attackers. Your work will have a significant impact on numerous customers across various e-commerce verticals and hundreds of millions of online users. As a core member of our globally distributed 24/7 Security Operations Team, you can work full-time from our India offices or from home. Your job will be (but not limited to) ● To Monitor, analyze interpret security/system/application/infrastructure logs for events, configuration irregularities potential incidents ● To leverage security tools, custom built dashboards and/or proactive identification approaches to detect anomalous activities ● Monitoring Cloud infrastructure for security-related events ● Monitoring threat/vulnerability landscape and security advisories, coordinate and escalate as appropriate ●To work with application security teams, product specialists, GRC, legal teams on active incidents and/or investigations ● To participate in a major incident call, document incident report summaries ● To document, follow and execute standard operating procedures (SOPs) ● Documenting/Managing/maintaining following use cases, playbooks and/or knowledge base articles ● To work on incidents, requests related to security ● Owning responsibilities within a shift with a positive mindset towards growth upskilling Professional experience, skills requirements ● 2+ years of hands on experience as part of a 24*7 Security Operations team OR a starter with equivalent degree/specialization in the area of Cyber Security with a proven project dealing in the new age landscape (SaaS platform Security, SecOps, API/Container Security, Threat Intel/Hunting, Vulnerability Management). ● Hands on experience or deep knowledge on usage of SIEM, SOAR, EDR ( modules like TI, VM, DLP) ● Exposure or experience in using any of CSPM tools (SentinelOne, Falcon Horizon, Wiz,Sysdig,Prisma cloud,MS Defender) ● Exposure or experience in assessing, interpreting managing vulnerabilities using relevant tools. ● Knowledge of either AWS or GCP is must ● Should possess positive attitude to participate, own drive tasks for POCs for various tools ● Understanding of risk framework ● Ability to assess emerging trends threats in cyber security space ● Should possess good analytical, problem-solving, and interpersonal skills. Should be able to apply provide logical reasoning ● Knowledge of NIST framework, OSINT standards, MITRE ATTCK framework cybersecurity incident lifecycle is an advantage. Beginner level of understanding is mandatory ● Mandatory to work in a 24/7 rotation shift weekends ● Possess excellent command on communication in English being a good listener, speaker rea ... (truncated, view full listing at source)