Bloomreach is building the world’s premier agentic platform for personalization .We’re revolutionizing how businesses connect with their customers, building and deploying AI agents to personalize the entire customer journey.
- We're taking autonomous search mainstream, making product discovery more intuitive and conversational for customers, and more profitable for businesses.
- We’re making conversational shopping a reality, connecting every shopper with tailored guidance and product expertise — available on demand, at every touchpoint in their journey.
- We're designing the future of autonomous marketing , taking the work out of workflows, and reclaiming the creative, strategic, and customer-first work marketers were always meant to do.
And we're building all of that on the intelligence of a single AI engine — Loomi AI — so that personalization isn't only autonomous…it's also consistent.From retail to financial services, hospitality to gaming, businesses use Bloomreach to drive higher growth and lasting loyalty. We power personalization for more than 1,400 global brands, including American Eagle, Sonepar, and Pandora.
Senior Staff Security Engineer
The Senior Staff Security Engineer owns current and target-state data architectures and reporting while also designing, implementing, and monitoring cloud (AWS/GCP) infrastructure security controls; deploying, securing, configuring, and operating SIEM and other security resources; identifying, triaging, and remediating infrastructure and web vulnerabilities; leading incident triage and external-researcher engagement; mentoring junior staff; and helping shape secure, scalable approaches for AI-enabled tooling, automation, and emerging product capabilities.
Role summary and core responsibilities
- 6+ years of relevant experience
- Candidates must demonstrate proficiency in cloud security, network security, URL filtering, common security frameworks, and CVE lifecycle management
- Practical IaC and scripting for automation
- Strong cross-functional and external communication
- Experience mentoring junior staff
Technical Skills:
- Hands-on cloud security for AWS and GCP: design secure architectures, perform threat modeling, apply platform-native controls, and build and validate secure IaC.
- SIEM ownership and detection engineering: deploy, configure, tune, and maintain SIEM; author and test detection rules and playbooks; integrate data sources; and operate with SLA-driven alerting and incident workflows.
- Vulnerability and incident lifecycle ownership: identify, triage, and remediate infrastructure and web vulnerabilities.
- Drive CVE lifecycle management and patching: perform root cause analysis and measure MTTR and remediation rates.
- Network, web, and endpoint protections: design and manage firewalls, WAFs, cloud networ