Security Infrastructure Engineer



Powerful content, customer engagement, and product discovery offerings to achieve true personalization and drive unparalleled business growth.

View company page

Bloomreach is the world’s #1 Commerce Experience Cloud, empowering brands to deliver customer journeys so personalized, they feel like magic. It offers a suite of products that drive true personalization and digital commerce growth, including:

  • Discovery, offering AI-driven search and merchandising
  • Content, offering a headless CMS
  • Engagement, offering a leading CDP and marketing automation solutions

Together, these solutions combine the power of unified customer and product data with the speed and scale of AI-optimization, enabling revenue-driving digital commerce experiences that convert on any channel and every journey. Bloomreach serves over 850 global brands including Albertsons, Bosch, Puma, FC Bayern München, and Marks & Spencer. Bloomreach recently raised $175 million in a Series F funding round, bringing its total valuation to $2.2 billion. The investment was led by Goldman Sachs Asset Management with participation from Bain Capital Ventures and Sixth Street Growth. For more information, visit


Job Overview

Faced with an ever-increasing cyber-security threat, Bloomreach needs to maintain a vigilant approach to protect its systems and data, and Security Engineers play a key role in this process. Security Engineers can be responsible for several functions associated with IT security - from ensuring the security of software to selecting and/or constructing and deploying broader network security systems.

Responsibilities for Security Engineer

Technical Skills

  • Familiar with common security libraries, security controls, and common security flaws.
  • Ability to identify vulnerabilities in infrastructure resources and other web-based security vulnerabilities.
  • There should also be time to participate in the development of Bloomreach.
  • Analyze security systems and seek improvements continuously
  • Report possible threats or software issues
  • Basic coding skills, such as HTML, CSS, Python, Go and other languages
  • Proactively identify and reduce security risks.
  • Understand security concepts to properly evaluate, identify, implement and enforcing security across the organization
  • Experience in Cloud platforms (AWS and GCP)
  • Administrative experience with SIEM solutions and the ability to deploy, secure, configure and maintain resource(s)
  • Expertise across a variety of security products, including firewalls, URL filtering, information security, and virus protection
  • Exposure to Linux and/or Windows Operating Systems, and Networking


  • Consult with engineering pillars to analyze and propose resource security standards, methods, and architectures.
  • Handle communications with independent vulnerability researchers and design appropriate mitigation strategies for reported vulnerabilities.
  • Educate other developers on secure coding best practices.
  • Ability to professionally handle communications with outside researchers, users, and customers.
  • Outstanding communication skills that go beyond “tech talk” – the ability to translate complex IT matters to those without an IT background.
  • Good written and verbal communication skills

Performance & Scalability

  • An understanding of best practices and how to implement them at a business-wide level
  • Triages/handles security issues
  • Research weaknesses and find ways to counter them
  • Find cost-effective solutions to cybersecurity problems.
  • Understand software, hardware, and internet needs while adjusting them according to our business environment
  • Develop best practices and security standards for the organization
  • Assist fellow employees with security, software, hardware or IT needs
  • Constantly improve infrastructure security
  • An enthusiasm for staying up to date with the very latest updates about security threats and solutions
    • Ability to prioritize projects

Qualifications for Security Engineer

  • At least 3 years of experience in the cybersecurity industry
  • Certifications such as AWS Practitioner or Security, GCP Cloud Security Engineer, and CISSP, CCSP, GSEC, or CEH desired
  • Expirence with CIS Benchmarks and resource pre-deployment security auditing  
  • Strong time management and organizational skills
  • Comfortable working in a fast-paced environment
  • Critical thinking skills and the ability to solve problems as they arise
  • Be positive and solution oriented
  • Other duties as assigned

More things you'll like about Bloomreach:


  • A great deal of freedom and trust. At Bloomreach we don’t clock in and out, and we have neither corporate rules nor long approval processes. This freedom goes hand in hand with responsibility. We are interested in results from day one. 

  • We have defined our 5 values and the 10 underlying key behaviors that we strongly believe in. We can only succeed if everyone lives these behaviors day to day. We've embedded them in our processes like recruitment, onboarding, feedback, personal development, performance review and internal communication. 

  • We believe in flexible working hours to accommodate your working style.

  • We work remote-first with several Bloomreach Hubs available across three continents.

  • We organize company events to experience the global spirit of the company and get excited about what's ahead.

  • We encourage and support our employees to engage in volunteering activities - every Bloomreacher can take 5 paid days off to volunteer*.
  • The Bloomreach Glassdoor page elaborates on our stellar 4.6/5 rating. The Bloomreach Comparably page Culture score is even higher at 4.9/5

Personal Development:

  • We have a People Development Program -- participating in personal development workshops on various topics run by experts from inside the company. We are continuously developing & updating competency maps for select functions.

  • Our resident communication coach Ivo Večeřa is available to help navigate work-related communications & decision-making challenges.*
  • Our managers are strongly encouraged to participate in the Leader Development Program to develop in the areas we consider essential for any leader. The program includes regular comprehensive feedback, consultations with a coach and follow-up check-ins.

  • Bloomreachers utilize the $1,500 professional education budget on an annual basis to purchase education products (books, courses, certifications, etc.)*


  • The Employee Assistance Program -- with counselors -- is available for non-work-related challenges.*

  • Subscription to Calm - sleep and meditation app.*

  • We organize ‘DisConnect’ days where Bloomreachers globally enjoy one additional day off each quarter, allowing us to unwind together and focus on activities away from the screen with our loved ones.

  • We facilitate sports, yoga, and meditation opportunities for each other.


  • Stock options are granted depending on a team member’s role, seniority, and location.*

  • Everyone gets to participate in the company's success through the company performance bonus.*

  • We offer an employee referral bonus of up to $3,000 paid out immediately after the new hire starts.

  • We celebrate work anniversaries -- Bloomversaries!*


*Subject to employment type. Interns are exempt from marked benefits for the first 6 months.


If this position doesn't suit you, but you know someone who might be a great fit, share it - we will be very grateful!



Any unsolicited resumes/candidate profiles submitted through our website or to personal email accounts of employees of Bloomreach are considered property of Bloomreach and are not subject to payment of agency fees.


Tags: Audits Automation AWS CCSP CEH CISSP Cloud Firewalls GCP GSEC Linux Network security Python SIEM Vulnerabilities Windows

Perks/benefits: Career development Equity Flex hours Flex vacation Salary bonus Team events Yoga

Regions: Remote/Anywhere Asia/Pacific
Country: India
Job stats:  11  4  0

More jobs like this

Explore more InfoSec/Cybersecurity career opportunities

Find open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Analysis, Cryptography, Digital Forensics and Cyber Security in general, filtered by job title or popular skill, toolset and products used.