Information Security Analyst (Mountain View)

Bloomreach Mountain View , CA 94035

Posted 1 week ago

Bloomreach software enables highly personalized digital experiences for enterprises around the world. Bloomreach Experience (BRX) is the world's first Digital Experience Platform specifically designed for retailers, brands, distributors and manufacturers. It combines a next-gen CMS with AI-powered digital merchandising and super search. BRX stimulates customer engagement and loyalty, even as it boosts conversion and increases revenue. Further, BRX balances machine learning with tools that keep human creativity at the helm of digital experience.

Recognized by leading analyst firms, Bloomreach is a Leader in the Gartner Magic Quadrant for Web Content Management (WCM), a Strong Performer in the Forrester Wave for WCM, and a Visionary in the Gartner Magic Quadrant for DXP.

With a global network of certified partners, Bloomreach serves hundreds of large and medium enterprise customers such as Neiman Marcus, Staples, REI, Mailchimp, FC Bayern Mnchen, and the UK's NHS Digital. Founded in 2009, Bloomreach is headquartered in Silicon Valley and Amsterdam, with offices worldwide.

Bloomreach is seeking an experienced Information Security Analyst to join our Information Security team, to help apply comprehensive cybersecurity and privacy analysis to our organization. This team member will work with our Head of Information Security to oversee the Information Security Governance, Risk, and Compliance program for Bloomreach. In this role, you will establish security policies, standards, methodologies, and processes while being responsible for executing assessments to ensure compliance with internal and external requirements, identifying risks, and communicating the identified risks to the stakeholders. As the subject matter expert in Information Security, you will have the opportunity lead large cross-functional projects.


  • Review, audit, monitor, and analyze security risks and vulnerabilities against policies, standards and frameworks such as ISO, SOC, GDPR, etc.

  • Work with cross-functional team members to identify improvement opportunities and providing feedback

  • Identify, document, and maintain security control matrix

  • Manage remediation efforts and track completion status of deficiencies

  • Manage the implementation of security governance by leading the process of governance, administration, and maintenance

  • Interact with sales, engineering, and product teams to ensure security capabilities and controls are in place and meet industry requirements

  • Serve as the subject matter expert who will actively guide Product & Engineering on all security and compliance related technical components

  • Develop, execute, maintain, and review Information Security Policies and Standards

  • Stay up to date on the latest changes in security practices, issues, and technologies

  • Conduct risk assessment reviews to identify risks and recommend remediation based on security best practices

  • Implement and recommend security controls based on ISO27001 framework

  • Work together with Sales and Legal team members to provide responses for customer proposals (RFPs)


  • 5+ years in Information Security (InfoSec), risk assessment, compliance, audit, security practices/ solutions/ methods (e.g. SOC, ISO, GDPR, etc).

  • Understanding of business processes, internal controls, risk management, IT controls, and related standards

  • Fundamental understanding of security domains

  • Experience in assisting in building Governance, Risk and Compliance practices

  • Thorough knowledge and understanding of current information risk assessment techniques required

  • Knowledge of frameworks such as NIST, ISO27001, etc

  • Strong analytical and organization skills with demonstrated ability to plan and manage projects along with ensuring deliverables meet work plan specifications and deadlines

  • Demonstrated understanding of SDLC and security related processes

  • Ability to interpret and communicate technical terms to non-technical audience

  • Certification preferred (CISSP, CISM, CISA, etc)

Any unsolicited resumes/candidate profiles submitted through our website or to personal email accounts of employees of BloomReach are considered property of BloomReach and are not subject to payment of agency fees.

icon no score

See how you match
to the job

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Technical Writer Mountain View (Contract)


Posted 2 days ago

VIEW JOBS 3/21/2019 12:00:00 AM 2019-06-19T00:00 <p>DataVisor is a next generation fraud detection company that utilizes industry-leading unsupervised machine learning to detect fraudulent activity for financial transactions, social commerce, mobile user acquisition and money laundering. Our award-winning platform is developed by a team of world-class experts in big data, security and scalable infrastructure, and used by the largest internet properties and financial institutions in the world including Pinterest, Yelp and Toutiao.</p><p>As our business expands, we are looking for a rock-star technical writer to join our team in our Mountain View HQ. This position will be responsible for creating, maintaining and distributing external-facing documentation and how-to guides related to our products and services. This will be a 6-month contract position with possibility to extend or convert to a full-time position.</p><p><br></p><p><strong>Job Responsibilities</strong></p><ul> <li>Work with internal teams gain a deep understanding of product capabilities and documentation needs</li> <li>Research, write and maintain product documentation and other technical literature</li> <li>Interview product managers, engineers and other SMEs to gather information regarding products and features</li> <li>Produce technical long-form content such as installation and integration guides</li> <li>Publish and update online documentation on our customer support portal and in-app help sections</li> <li>Create and maintain user training and certification programs</li> <li>Ensure clear and consistent style and structure across documents and media formats</li> </ul><p><strong>Requirements</strong></p><ul> <li>2+ years experience as a technical writer or similar role at a software company</li> <li>Excellent writing skills and verbal communication, with an acute eye for detail</li> <li>Proven ability to understand and translate complex topics such as machine learning functionality into easy-to-understand documentation and user guides</li> <li>Ability to thrive in a fast-paced startup environment</li> <li>Prior experience working with technical products related to machine learning, big data or analytics a large plus</li> <li>Domain expertise in fraud or related domain a plus</li> <li>Proficiency with Microsoft Office suite (Word, Powerpoint)</li> <li>Experience with graphics and publishing software e.g. InDesign a plus</li> <li>Bachelor’s degree in a relevant technical field</li> </ul><p><strong>Benefits</strong></p><ul><li>We offer a flexible schedule with competitive pay, equity participation and health benefits, company off-sites, as well as the opportunity to work with a world class team.</li></ul> Datavisor Mountain View CA

Information Security Analyst (Mountain View)