Join the Bloomreach GIST (Global Information Security & Technology) team as an Associate Security Analyst and help protect our e-commerce environment from threats, vulnerabilities, and sophisticated attackers. Your work will have a significant impact on numerous customers across various e-commerce verticals and hundreds of millions of online users. As a core member of our globally distributed 24/7 Security Operations Team, you can work full-time from our India offices or from home.
Your job will include (but is not limited to):
● To monitor, analyze & interpret security/system/application/infrastructure logs for events, configuration irregularities & potential incidents
● To leverage security tools, custom built dashboards and/or proactive identification approaches to detect anomalous activities
● Monitoring Cloud infrastructure for security-related events
● Monitoring threat/vulnerability landscape and security advisories, coordinate and escalate as appropriate
● To work with application security teams, product specialists, GRC, legal teams on active incidents and/or investigations
● To participate in a major incident call, document incident report summaries
● To document, follow and execute standard operating procedures (SOPs)
● Documenting/Managing/maintaining & following use cases, playbooks and/or knowledge base articles
● To work on incidents, requests related to security
● Owning responsibilities within a shift with a positive mindset towards growth & upskilling
Professional experience, skills & requirements
● 2+ years of hands-on experience as part of a 24*7 Security Operations team OR a starter with an equivalent degree/specialization in the area of Cyber Security with a proven project dealing in the new age landscape (SaaS platform Security, SecOps, API/Container Security, Threat Intel/Hunting, Vulnerability Management).
● Hands-on experience with or deep knowledge of the use of SIEM, SOAR, EDR (modules like TI, VM, DLP)
● Exposure to or experience in using any of the CSPM tools (SentinelOne, Falcon Horizon, Wiz, Sysdig, Prisma Cloud, MS Defender)
● Exposure to or experience in assessing, interpreting & managing vulnerabilities using relevant tools.
● Knowledge of either AWS or GCP is a must
● Should possess a positive attitude to participate in, own & drive tasks for POCs for various tools
● Understanding of risk framework
● Ability to assess emerging trends & threats in cyber security space
● Should possess good analytical, problem-solving, and interpersonal skills. Should be able to apply & provide logical reasoning
● Knowledge of the NIST framework, OSINT standards, the MITRE ATT&CK framework & the cybersecurity incident lifecycle is an advantage. A beginner-level understanding is mandatory
● Working in a 24/7 rotation shift & weekends is mandatory
● Excellent command of communication in English as a good listener, speaker & reader
Your success story will be:
In the first 30 days you will
● Understand the roles & responsibilities of the SOC team, in-scope vs out-of-scope tasks
● Read & understand SOPs, policies & working procedures of the team
● Shadow peers in day-to-day work, look over tickets, alerts, incidents, understand the current state of ongoing projects/enhancements etc.
In the next 30 days you will (60 days from start)
● Start owning incidents and tasks as an independent contributor with a peer shadowing you
● Participate in incident related calls, cross team/department meetings
● Handle SIEM/SOAR/EDR events
In the next 30 days you will (90 days from start)
● You will start documenting or tweaking existing SOPs and process documents
● You will bear the responsibility of representing the team in forums/meetings/discussions
● You will start managing a shift alone when needed
● You will adapt yourself to a service improvement mindset and contribute to the overall success of the team
(*Subject to employment type. Interns are exempt from marked benefits, usually for the first 6 months.)
Excited? Join us and transform the future of commerce experiences!
If this position doesn't suit you, but you know someone who might be a great fit, share it - we will be very grateful!
Any unsolicited resumes/candidate profiles submitted through our website or to personal email accounts of employees of Bloomreach are considered property of Bloomreach and are not subject to payment of agency fees.
Bloomreach is a leading Commerce Experience Cloud company that empowers brands to deliver highly personalized customer experiences through AI-driven solutions. Their suite of products includes Discovery for AI-driven search and merchandising, Content f...