Associate Security Analyst

Join the Bloomreach GIST (Global Information Security & Technology) team as an Associate Security Analyst and help protect our e-commerce environment from threats, vulnerabilities, and sophisticated attackers. Your work will have a significant impact on numerous customers across various e-commerce verticals and hundreds of millions of online users. As a core member of our globally distributed 24/7 Security Operations Team, you can work full-time from our India offices or from home.

Your job will be (but not limited to)

To Monitor, analyze & interpret security/system/application/infrastructure logs for events, configuration irregularities & potential incidents
To leverage security tools, custom built dashboards and/or proactive identification approaches to detect anomalous activities
Monitoring Cloud infrastructure for security-related events
Monitoring threat/vulnerability landscape and security advisories, coordinate and escalate as appropriate
To work with application security teams, product specialists, GRC, legal teams on active incidents and/or investigations
To participate in a major incident call, document incident report summaries
To document, follow and execute standard operating procedures (SOPs)
Documenting/Managing/maintaining & following use cases, playbooks and/or knowledge base articles
To work on incidents, requests related to security
Owning responsibilities within a shift with a positive mindset towards growth & upskilling

Professional experience, skills & requirements

2+ years of hands on experience as part of a 24*7 Security Operations team OR a starter with equivalent degree/specialization in the area of Cyber Security with a proven project dealing in the new age landscape (SaaS platform Security, SecOps, API/Container Security, Threat Intel/Hunting, Vulnerability Management).
Hands on experience or deep knowledge on usage of SIEM, SOAR, EDR ( modules like TI, VM, DLP)
Exposure or experience in using any of CSPM tools (SentinelOne, Falcon Horizon, Wiz,Sysdig,Prisma cloud,MS Defender)
Exposure or experience in assessing, interpreting & managing vulnerabilities using relevant tools.
Knowledge of either AWS or GCP is must
Should possess positive attitude to participate, own & drive tasks for POCs for various tools
Understanding of risk framework
Ability to assess emerging trends & threats in cyber security space
Should possess good analytical, problem-solving, and interpersonal skills. Should be able to apply & provide logical reasoning
Knowledge of NIST framework, OSINT standards, MITRE ATT&CK framework & cybersecurity incident lifecycle is an advantage. Beginner level of understanding is mandatory
Mandatory to work in a 24/7 rotation shift & weekends
Possess excellent command on communication in English being a good listener, speaker & reader

Your success story will be:

In the first 30 days you will

Understand the roles & responsibilities of SOC team, in-scope vs out of scope tasks
Read & understand SOPs, Policies & working procedures of the team
Shadow peers in day to day work, overlook tickets, alerts, incidents, understand the current state of ongoing projects/enhancements etc

In the next 30 days you will (60 days from start)

Start owning incidents, tasks as independent contributor with a peer shadowing you
Participate in incident related calls, cross team/department meetings
Handle SIEM/SOAR/EDR events

In the next 30 days you will(90 days from start)

You will start documenting or tweaking existing SOPs, process document
You will bear responsibilities of representing team in forums/meetings/discussions
You will start managing shift alone when needed
You will adapt yourself to service improvement mindset and contribute to overall success of the team