Join the Bloomreach GIST (Global Information Security & Technology) team as an Associate Security Analyst and help protect our e-commerce environment from threats, vulnerabilities, and sophisticated attackers. Your work will have a significant impact on numerous customers across various e-commerce verticals and hundreds of millions of online users. As a core member of our globally distributed 24/7 Security Operations Team, you can work full-time from our India offices or from home.

Your job will be (but not limited to)

● To Monitor, analyze & interpret security/system/application/infrastructure logs for events, configuration irregularities & potential incidents
● To leverage security tools, custom built dashboards and/or proactive identification approaches to detect anomalous activities
● Monitoring Cloud infrastructure for security-related events
● Monitoring threat/vulnerability landscape and security advisories, coordinate and escalate as appropriate
●To work with application security teams, product specialists, GRC, legal teams on active incidents and/or investigations
● To participate in a major incident call, document incident report summaries
● To document, follow and execute standard operating procedures (SOPs)
● Documenting/Managing/maintaining & following use cases, playbooks and/or knowledge base articles
● To work on incidents, requests related to security
● Owning responsibilities within a shift with a positive mindset towards growth & upskilling

Professional experience, skills & requirements

● 2+ years of hands on experience as part of a 24*7 Security Operations team OR a starter with equivalent degree/specialization in the area of Cyber Security with a proven project dealing in the new age landscape (SaaS platform Security, SecOps, API/Container Security, Threat Intel/Hunting, Vulnerability Management).
● Hands on experience or deep knowledge on usage of SIEM, SOAR, EDR ( modules like TI, VM, DLP)
● Exposure or experience in using any of CSPM tools (SentinelOne, Falcon Horizon, Wiz,Sysdig,Prisma cloud,MS Defender)
● Exposure or experience in assessing, interpreting & managing vulnerabilities using relevant tools.
● Knowledge of either AWS or GCP is must
● Should possess positive attitude to participate, own & drive tasks for POCs for various tools
● Understanding of risk framework
● Ability to assess emerging trends & threats in cyber security space
● Should possess good analytical, problem-solving, and interpersonal skills. Should be able to apply & provide logical reasoning
● Knowledge of NIST framework, OSINT standards, MITRE ATT&CK framework & cybersecurity incident lifecycle is an advantage. Beginner level of understanding is mandatory
● Mandatory to work in a 24/7 rotation shift & weekends
● Possess excellent command on communication in English being a good listener, speaker & reader 

Your success story will be:

In the first 30 days you will

● Understand the roles & responsibilities of SOC team, in-scope vs out of scope tasks
● Read & understand SOPs, Policies & working procedures of the team
● Shadow peers in day to day work, overlook tickets, alerts, incidents, understand the current state of ongoing projects/enhancements etc

In the next 30 days you will (60 days from start)

● Start owning incidents, tasks as independent contributor with a peer shadowing you
● Participate in incident related calls, cross team/department meetings
● Handle SIEM/SOAR/EDR events

In the next 30 days you will(90 days from start)

● You will start documenting or tweaking existing SOPs, process document
● You will bear responsibilities of representing team in forums/meetings/discussions
● You will start managing shift alone when needed
● You will adapt yourself to service improvement mindset and contribute to overall success of the team

About the Team

The GIST IT Helpdesk is the front line for supporting Bloomreachers with secure, reliable access to our tools, data, and devices. The team manages access to company systems, laptops, and core collaboration platforms (e.g., Google Workspace, Slack, Zoom, Freshservice, JumpCloud) with a strong focus on access minimization and security best practices.

Location: London (two days per week in office) – with flexibility to support a global, remote-first workforce.

Role Overview

As an IT Helpdesk Support (P1), you are an early-career IT professional focused on learning and executing well-defined, foundational support tasks under close guidance. You will:

• Handle basic, clearly scoped incidents and service requests via email, chat (Slack), and support tickets (Freshservice), following established runbooks
• Support account lifecycle operations (onboarding, offboarding, access changes) across key SaaS tools via JumpCloud and related systems
• Contribute to the security and stability of our environment by applying standard procedures for access, device, and account protection

This is an excellent entry point into corporate IT, with a clear growth path toward more independent P2/P3 roles in Infrastructure, Security Operations, or broader GIST functions.

Key Responsibilities

End-User Support & Ticket Handling

• Serve as a first-line point of contact for IT-related issues and requests.
• Log, categorize, and prioritize tickets accurately, escalating to senior helpdesk or infrastructure engineers when needed.
• Resolve basic / well-defined issues such as:
• Password resets and SSO access issues
• Standard software install/uninstall requests
• Basic troubleshooting for Google Workspace, Slack, Zoom, and other standard tools
• Follow documented troubleshooting steps and escalation procedures consistently, keeping users informed on ticket status.

Access Management & Identity

• Process standard access requests for company tools following least-privilege and access-minimization principles.
• Use JumpCloud and other IAM tooling to:
• Provision/deprovision users
• Assign/remove application access
• Enforce MFA and basic security controls
• Validate approvals (manager + application owner) before granting access and document changes in Freshservice.

Device & Endpoint Support

• Support laptop setup and configuration for new hires (OS configuration, management agent enrollment, security tools, core applications) in line with IT and security standards.
• Perform basic endpoint troubleshooting (performance issues, connectivity, common application errors).
• Ensure devices stay compliant with security baselines (disk encryption, screen lock, OS patch level) and flag deviations for remediation.

Documentation & Knowledge

• Follow existing knowledge base articles in Bloomroom – IT Helpdesk and contribute updates for common issues and workflows.
• Document resolutions and workarounds clearly in tickets to support future self-service and reduce repeat incidents.
• Participate in internal reviews of runbooks and SOPs, suggesting improvements based on recurring issues you see.

Collaboration & Security Culture

• Collaborate with Infrastructure, Security Operations, and Workplace Experience/People teams on onboarding, offboarding, and tooling changes.
• Reinforce security awareness with users (e.g., phishing, account sharing, strong passwords, reporting suspicious activity).
• Escalate any suspected security incidents promptly to the SOC or security team as per defined procedures.

Required Qualifications & Experience

• 0–2 years of experience in an IT Helpdesk, Service Desk, or technical support role in a corporate or MSP environment (internships and part-time roles welcome).
• Basic understanding of:
• Operating systems (Windows and/or macOS)
• Networking fundamentals (Wi-Fi, VPN, basic connectivity troubleshooting)
• SaaS concepts and SSO/identity providers
• Strong customer service orientation with clear, professional written and verbal communication in English.
• Demonstrated ability to follow runbooks and procedures accurately, asking for help when issues are unclear or out of scope.
• Proven interest in IT (coursework, certifications, labs, side projects, or prior support experience).

Preferred Qualifications

• Exposure to or interest in:
• Google Workspace, Slack, Zoom, and other modern collaboration tools
• Ticketing tools such as Freshservice, Zendesk, or ServiceNow
• Identity and access management solutions (e.g., JumpCloud, Okta, Azure AD SSO)
• Basic awareness of information security concepts (least privilege, MFA, phishing, secure handling of data).
• Entry-level certifications a plus (e.g., CompTIA A+, ITF+, Google IT Support, or similar).

Growth Expectations (Bloomreach Career Architecture)

This role is mapped to P1 – Novice Contributor in the Bloomreach career architecture:

• Demonstrates potential and intrinsic motivation, with limited prior industry experience.
• Handles basic, well-defined tasks and contributes to team projects under close supervision.
• Applies foundational knowledge and problem-solving skills to straightforward issues, escalating when complexity increases.
• Focuses on building core competencies in:
• Technical troubleshooting
• Tool and process familiarity (Freshservice, JumpCloud, core SaaS)
• Communication and collaboration with peers and stakeholders

Performance and growth will be evaluated against these expectations and the broader Bloomreach values and career architecture guidelines.

Career Growth

Success in this role prepares you for progression to P2 (Developing Professional) roles in:

• IT Helpdesk / Service Desk (greater ownership, more complex issues)
• IT Infrastructure / Systems Administration
• Security Operations (SOC Analyst, Product Security)
• Broader GIST and G&A roles aligned with your strengths and interests

You’ll be supported with on-the-job training, peer mentoring, and access to learning resources as defined in Bloomreach’s Career Architecture and development programs.

• Perform periodic audits on company procedures and processes and report on the organization’s compliance.
• Identify, analyze, and resolve compliance issues.
• Support the sales process by completing RFPs.
• Ensure that all policies and standards are regularly reviewed and up-to-date.
• Keep the company’s process mapping and responsibilities structure chart up to date.
• Develop and update existing compliance policies and related documentation.
• Proactively research to stay up-to-date with regulations and rules.
• Communicate regulations to internal and external parties.
• Assist with management review preparation
• Communication with clients across various regions (EMEA, US)

• Strong knowledge of industry compliance requirements and standards.
• Good understanding of SaaS Business.
• Good understanding of Governance, Risk, and Compliance in IT environment.
• Outstanding communication and interpersonal abilities.
• Previous experience as a compliance analyst, compliance officer, compliance manager, or similar position in a related field.
• Advanced analytical abilities.
• Effective research skills.
• Ability to perform under pressure.
• Experience with ISO security standards.
• Experience with SOC auditing.

#LI-HO1

• Perform periodic audits on company procedures and processes and report on the organization’s compliance.
• Identify, analyze, and resolve compliance issues.
• Support the sales process by completing RFPs.
• Ensure that all policies and standards are regularly reviewed and up-to-date.
• Keep the company’s process mapping and responsibilities structure chart up to date.
• Develop and update existing compliance policies and related documentation.
• Proactively research to stay up-to-date with regulations and rules.
• Communicate regulations to internal and external parties.
• Assist with management review preparation
• Communication with clients across various regions (EMEA, US)

• Strong knowledge of industry compliance requirements and standards.
• Good understanding of SaaS Business.
• Good understanding of Governance, Risk, and Compliance in IT environment.
• Outstanding communication and interpersonal abilities.
• Previous experience as a compliance analyst, compliance officer, compliance manager, or similar position in a related field.
• Advanced analytical abilities.
• Effective research skills.
• Ability to perform under pressure.
• Experience with ISO security standards.
• Experience with SOC auditing.

#LI-HO1

• Perform periodic audits on company procedures and processes and report on the organization’s compliance.
• Identify, analyze, and resolve compliance issues.
• Support the sales process by completing RFPs.
• Ensure that all policies and standards are regularly reviewed and up-to-date.
• Keep the company’s process mapping and responsibilities structure chart up to date.
• Develop and update existing compliance policies and related documentation.
• Proactively research to stay up-to-date with regulations and rules.
• Communicate regulations to internal and external parties.
• Assist with management review preparation
• Communication with clients across various regions (EMEA, US)

• Strong knowledge of industry compliance requirements and standards.
• Good understanding of SaaS Business.
• Good understanding of Governance, Risk, and Compliance in IT environment.
• Outstanding communication and interpersonal abilities.
• Previous experience as a compliance analyst, compliance officer, compliance manager, or similar position in a related field.
• Advanced analytical abilities.
• Effective research skills.
• Ability to perform under pressure.
• Experience with ISO security standards.
• Experience with SOC auditing.

#LI-HO1

The Senior Staff Security Infrastructure Engineer owns current and target-state data architectures and reporting while also designing, implementing, and monitoring cloud (AWS/GCP) infrastructure security controls; deploying, securing, configuring, and operating SIEM and other security resources; identifying, triaging, and remediating infrastructure and web vulnerabilities; leading incident triage and external-researcher engagement; and mentoring junior staff.

Your salary starts from €5000 gross per month with restricted stock units and other benefits included. You can work in one of our Central Europe offices (Bratislava, Brno, Prague) or from home in Central and Eastern Europe on a full-time basis.

Role summary and core responsibilities 

6+ years of relevant experience; candidates must demonstrate proficiency in cloud security, network security, URL filtering, common security frameworks, and CVE lifecycle management; practical IaC and scripting for automation; strong cross-functional and external communication; and experience mentoring junior staff.

Technical Skills:

• Hands-on cloud security for AWS and GCP: design secure architectures, perform threat modeling, apply platform-native controls, and build/validate secure IaC.
• SIEM ownership and detection engineering: deploy, configure, tune, and maintain SIEM; author and test detection rules and playbooks; integrate data sources; and operate with SLA-driven alerting and incident workflows.
• Vulnerability and incident lifecycle ownership: identify, triage, and remediate infrastructure and web vulnerabilities 
• Drive CVE lifecycle management and patching:  perform root cause analysis and measure MTTR and remediation rates.
• Network, web, and endpoint protections: design and manage firewalls, WAFs, cloud network controls, URL/web filtering, with demonstrable operational experience.
• Secure automation and tooling: author automation for detection, alert enrichment, and remediation; build or extend security tooling using scripting or languages such as Python, Go, or Bash.
• Infrastructure as code and secure CI pipelines: implement guardrails and policy-as-code in CI/CD pipelines, perform static IaC scanning, and enforce security baselines before deployment.
• Detection, telemetry, and observability: define logging and telemetry requirements, ensure coverage for critical assets, and validate detection efficacy and alert fidelity.
• Security standards, playbooks, and enforcement: develop, document, and operationalize organization-wide security standards, runbooks, and playbooks; partner with engineering pillars to ensure adoption.
• Threat-informed defensive engineering: apply threat modeling and adversary-focused testing to guide controls, detection, and resilient designs.
• Cross-functional and external communication: communicate clearly with engineering teams, leadership, external researchers, and customers; lead vulnerability disclosure and researcher engagement.
• Mentorship and prioritization: mentor junior engineers, prioritize security projects based on risk and business impact, and drive continuous improvement of infrastructure security posture.
• Familiarity with frameworks and common weaknesses: working knowledge of CIS/NIST, common security libraries and controls, and typical flaws exploited in infrastructure and web applications.

Skills and qualifications:

• AWS Certified Security 
• Google Professional Cloud Security Engineer
• Splunk Certified Admin or Splunk Certified Enterprise Security Admin
• CISSP (Certified Information Systems Security Professional)
• Certified Cloud Security Professional (CCSP)
• Cloud Security Alliance CCSK

#LI-HO1

The Senior Staff Security Infrastructure Engineer owns current and target-state data architectures and reporting while also designing, implementing, and monitoring cloud (AWS/GCP) infrastructure security controls; deploying, securing, configuring, and operating SIEM and other security resources; identifying, triaging, and remediating infrastructure and web vulnerabilities; leading incident triage and external-researcher engagement; and mentoring junior staff.

You can work in one of our Central Europe offices (Bratislava, Brno, Prague) or from home in Central and Eastern Europe on a full-time basis.

Role summary and core responsibilities 

6+ years of relevant experience; candidates must demonstrate proficiency in cloud security, network security, URL filtering, common security frameworks, and CVE lifecycle management; practical IaC and scripting for automation; strong cross-functional and external communication; and experience mentoring junior staff.

Technical Skills:

• Hands-on cloud security for AWS and GCP: design secure architectures, perform threat modeling, apply platform-native controls, and build/validate secure IaC.
• SIEM ownership and detection engineering: deploy, configure, tune, and maintain SIEM; author and test detection rules and playbooks; integrate data sources; and operate with SLA-driven alerting and incident workflows.
• Vulnerability and incident lifecycle ownership: identify, triage, and remediate infrastructure and web vulnerabilities 
• Drive CVE lifecycle management and patching:  perform root cause analysis and measure MTTR and remediation rates.
• Network, web, and endpoint protections: design and manage firewalls, WAFs, cloud network controls, URL/web filtering, with demonstrable operational experience.
• Secure automation and tooling: author automation for detection, alert enrichment, and remediation; build or extend security tooling using scripting or languages such as Python, Go, or Bash.
• Infrastructure as code and secure CI pipelines: implement guardrails and policy-as-code in CI/CD pipelines, perform static IaC scanning, and enforce security baselines before deployment.
• Detection, telemetry, and observability: define logging and telemetry requirements, ensure coverage for critical assets, and validate detection efficacy and alert fidelity.
• Security standards, playbooks, and enforcement: develop, document, and operationalize organization-wide security standards, runbooks, and playbooks; partner with engineering pillars to ensure adoption.
• Threat-informed defensive engineering: apply threat modeling and adversary-focused testing to guide controls, detection, and resilient designs.
• Cross-functional and external communication: communicate clearly with engineering teams, leadership, external researchers, and customers; lead vulnerability disclosure and researcher engagement.
• Mentorship and prioritization: mentor junior engineers, prioritize security projects based on risk and business impact, and drive continuous improvement of infrastructure security posture.
• Familiarity with frameworks and common weaknesses: working knowledge of CIS/NIST, common security libraries and controls, and typical flaws exploited in infrastructure and web applications.

Skills and qualifications:

• AWS Certified Security 
• Google Professional Cloud Security Engineer
• Splunk Certified Admin or Splunk Certified Enterprise Security Admin
• CISSP (Certified Information Systems Security Professional)
• Certified Cloud Security Professional (CCSP)
• Cloud Security Alliance CCSK

#LI-HO1

The Staff Security Engineer owns current and target-state data architectures and reporting while also designing, implementing, and monitoring cloud (AWS/GCP) infrastructure security controls; deploying, securing, configuring, and operating SIEM and other security resources; identifying, triaging, and remediating infrastructure and web vulnerabilities; leading incident triage and external-researcher engagement; and mentoring junior staff. 

Your salary starts from €4000 gross per month with restricted stock units and other benefits included. You can work in one of our Central Europe offices (Bratislava, Brno, Prague) or from home in Central and Eastern Europe on a full-time basis.

Role summary and core responsibilities 

6+ years of relevant experience; candidates must demonstrate proficiency in cloud security, network security, URL filtering, common security frameworks, and CVE lifecycle management; practical IaC and scripting for automation; strong cross-functional and external communication; and experience mentoring junior staff.

Technical Skills:

• Hands-on cloud security for AWS and GCP: design secure architectures, perform threat modeling, apply platform-native controls, and build/validate secure IaC.
• SIEM ownership and detection engineering: deploy, configure, tune, and maintain SIEM; author and test detection rules and playbooks; integrate data sources; and operate with SLA-driven alerting and incident workflows.
• Vulnerability and incident lifecycle ownership: identify, triage, and remediate infrastructure and web vulnerabilities 
• Drive CVE lifecycle management and patching:  perform root cause analysis and measure MTTR and remediation rates.
• Network, web, and endpoint protections: design and manage firewalls, WAFs, cloud network controls, URL/web filtering, with demonstrable operational experience.
• Secure automation and tooling: author automation for detection, alert enrichment, and remediation; build or extend security tooling using scripting or languages such as Python, Go, or Bash.
• Infrastructure as code and secure CI pipelines: implement guardrails and policy-as-code in CI/CD pipelines, perform static IaC scanning, and enforce security baselines before deployment.
• Detection, telemetry, and observability: define logging and telemetry requirements, ensure coverage for critical assets, and validate detection efficacy and alert fidelity.
• Security standards, playbooks, and enforcement: develop, document, and operationalize organization-wide security standards, runbooks, and playbooks; partner with engineering pillars to ensure adoption.
• Threat-informed defensive engineering: apply threat modeling and adversary-focused testing to guide controls, detection, and resilient designs.
• Cross-functional and external communication: communicate clearly with engineering teams, leadership, external researchers, and customers; lead vulnerability disclosure and researcher engagement.
• Mentorship and prioritization: mentor junior engineers, prioritize security projects based on risk and business impact, and drive continuous improvement of infrastructure security posture.
• Familiarity with frameworks and common weaknesses: working knowledge of CIS/NIST, common security libraries and controls, and typical flaws exploited in infrastructure and web applications.

Skills and qualifications:

• AWS Certified Security 
• Google Professional Cloud Security Engineer
• Splunk Certified Admin or Splunk Certified Enterprise Security Admin
• CISSP (Certified Information Systems Security Professional)
• Certified Cloud Security Professional (CCSP)
• Cloud Security Alliance CCSK

The Staff Security Engineer owns current and target-state data architectures and reporting while also designing, implementing, and monitoring cloud (AWS/GCP) infrastructure security controls; deploying, securing, configuring, and operating SIEM and other security resources; identifying, triaging, and remediating infrastructure and web vulnerabilities; leading incident triage and external-researcher engagement; and mentoring junior staff. 

You can work in one of our Central Europe offices (Bratislava, Brno, Prague) or from home in Central and Eastern Europe on a full-time basis.

Role summary and core responsibilities 

6+ years of relevant experience; candidates must demonstrate proficiency in cloud security, network security, URL filtering, common security frameworks, and CVE lifecycle management; practical IaC and scripting for automation; strong cross-functional and external communication; and experience mentoring junior staff.

Technical Skills:

• Hands-on cloud security for AWS and GCP: design secure architectures, perform threat modeling, apply platform-native controls, and build/validate secure IaC.
• SIEM ownership and detection engineering: deploy, configure, tune, and maintain SIEM; author and test detection rules and playbooks; integrate data sources; and operate with SLA-driven alerting and incident workflows.
• Vulnerability and incident lifecycle ownership: identify, triage, and remediate infrastructure and web vulnerabilities 
• Drive CVE lifecycle management and patching:  perform root cause analysis and measure MTTR and remediation rates.
• Network, web, and endpoint protections: design and manage firewalls, WAFs, cloud network controls, URL/web filtering, with demonstrable operational experience.
• Secure automation and tooling: author automation for detection, alert enrichment, and remediation; build or extend security tooling using scripting or languages such as Python, Go, or Bash.
• Infrastructure as code and secure CI pipelines: implement guardrails and policy-as-code in CI/CD pipelines, perform static IaC scanning, and enforce security baselines before deployment.
• Detection, telemetry, and observability: define logging and telemetry requirements, ensure coverage for critical assets, and validate detection efficacy and alert fidelity.
• Security standards, playbooks, and enforcement: develop, document, and operationalize organization-wide security standards, runbooks, and playbooks; partner with engineering pillars to ensure adoption.
• Threat-informed defensive engineering: apply threat modeling and adversary-focused testing to guide controls, detection, and resilient designs.
• Cross-functional and external communication: communicate clearly with engineering teams, leadership, external researchers, and customers; lead vulnerability disclosure and researcher engagement.
• Mentorship and prioritization: mentor junior engineers, prioritize security projects based on risk and business impact, and drive continuous improvement of infrastructure security posture.
• Familiarity with frameworks and common weaknesses: working knowledge of CIS/NIST, common security libraries and controls, and typical flaws exploited in infrastructure and web applications.

Skills and qualifications:

• AWS Certified Security 
• Google Professional Cloud Security Engineer
• Splunk Certified Admin or Splunk Certified Enterprise Security Admin
• CISSP (Certified Information Systems Security Professional)
• Certified Cloud Security Professional (CCSP)
• Cloud Security Alliance CCSK

#LI-HO1