Security & Compliance Analyst

3 days ago

Prague, Hlavní město Praha, Czech Republic Bloomreach Full time €2,000 - €3,000 per year
Bloomreach is building the world's premier agentic platform for personalization.We're revolutionizing how businesses connect with their customers, building and deploying AI agents to personalize the entire customer journey.
  • We're taking autonomous search mainstream, making product discovery more intuitive and conversational for customers, and more profitable for businesses.
  • We're making conversational shopping a reality, connecting every shopper with tailored guidance and product expertise — available on demand, at every touchpoint in their journey.
  • We're designing the future of autonomous marketing, taking the work out of workflows, and reclaiming the creative, strategic, and customer-first work marketers were always meant to do.

And we're building all of that on the intelligence of a single AI engine — Loomi AI — so that personalization isn't only autonomous…it's also consistent.From retail to financial services, hospitality to gaming, businesses use Bloomreach to drive higher growth and lasting loyalty. We power personalization for more than 1,400 global brands, including American Eagle, Sonepar, and Pandora.

Become a Security & Compliance Analyst (GRC Engineer) for Bloomreach

You will be an essential member of our Governance, Risk, and Compliance team, helping the organization build and solidify the trust of our customers (both current and future) by implementing and assessing controls in line with industry standard frameworks (SOC 2, ISO Our company provides the best digital experience for the top international e-commerce companies. Your work will impact hundreds of millions of consumers in the online space.

You will work in one of our Central-European offices (Brno, Prague or Bratislava) or from home (Czechia / Slovakia) on a full-time basis, and be part of the GIST (Global Information Security & Technology) group. The salary ranges between at 2000 EUR Gross monthly and up to 3000 EUR (applicable for Slovakia only) depending on your level of seniority, with potential for significant increases based on your performance and contributions to the team.

Your job will be to:
  • Perform internal assessments to assess the Bloomreach control environment against SOC 2 and ISO frameworks, including control testing and documentation of findings.
  • Act as a liaison between external auditors and internal stakeholders and lead external SOC 2 and ISO assessments
  • Work collaboratively with GRC team members and stakeholders across the organization to remediate gaps, including advising on control design and operating effectiveness testing to ensure remediation.
  • Assist in compiling metrics and reports for status reporting on priority GRC initiatives.
  • Assist teams across the organization (Sales, Customer Success, etc.) with ad hoc requests related to security questionnaires.

What we expect of the candidate:
  • 1-3 years experience in an IT audit, compliance, or risk management role
  • Must have experience with executing, documenting, and reporting controls testing in line with industry frameworks
  • AICPA SOC2 type2 / ISO9001:2015 / ISO27001:2022 / ISO27017:2015 / ISO27018:2015 / ISO22301:2019 / Sarbanes-Oxley experience is an advantage
  • Ability to communicate control requirements and "the why" behind compliance initiatives to stakeholders
  • Professional certification (CISA/CIA/CISSP) preferred but not required
  • Experience working in a fast paced growing company a plus
  • Familiarity with cloud technologies (GCP, AWS) preferred
  • Support risk management and assessment activities
  • Knowledge of Drata GRC tool is an advantage
  • English fluency, additional language is a plus

More things you'll like about Bloomreach:

Culture:
  • A great deal of freedom and trust. At Bloomreach we don't clock in and out, and we have neither corporate rules nor long approval processes. This freedom goes hand in hand with responsibility. We are interested in results from day one.
  • We have defined our 5 values and the 10 underlying key behaviors that we strongly believe in. We can only succeed if everyone lives these behaviors day to day. We've embedded them in our processes like recruitment, onboarding, feedback, personal development, performance review and internal communication.
  • We believe in flexible working hours to accommodate your working style.
  • We work virtual-first with several Bloomreach Hubs available across three continents.
  • We organize company events to experience the global spirit of the company and get excited about what's ahead.
  • We encourage and support our employees to engage in volunteering activities - every Bloomreacher can take 5 paid days off to volunteer*.
  • The Bloomreach Glassdoor page elaborates on our stellar 4.4/5 rating. The Bloomreach Comparably page Culture score is even higher at 4.9/5

Personal Development:
  • We have a People Development Program -- participating in personal development workshops on various topics run by experts from inside the company. We are continuously developing & updating competency maps for select functions.
  • Our resident communication coach Ivo Večeřa is available to help navigate work-related communications & decision-making challenges.*
  • Our managers are strongly encouraged to participate in the Leader Development Program to develop in the areas we consider essential for any leader. The program includes regular comprehensive feedback, consultations with a coach and follow-up check-ins.
  • Bloomreachers utilize the $1,500 professional education budget on an annual basis to purchase education products (books, courses, certifications, etc.)*

Well-being:
  • The Employee Assistance Program -- with counselors -- is available for non-work-related challenges.*
  • Subscription to Calm - sleep and meditation app.*
  • We organize 'DisConnect' days where Bloomreachers globally enjoy one additional day off each quarter, allowing us to unwind together and focus on activities away from the screen with our loved ones.
  • We facilitate sports, yoga, and meditation opportunities for each other.
  • Extended parental leave up to 26 calendar weeks for Primary Caregivers.*

Compensation:
  • Restricted Stock Units or Stock Options are granted depending on a team member's role, seniority, and location.*
  • Everyone gets to participate in the company's success through the company performance bonus.*
  • We offer an employee referral bonus of up to $3,000 paid out immediately after the new hire starts.
  • We reward & celebrate work anniversaries -- Bloomversaries*

(*Subject to employment type. Interns are exempt from marked benefits, usually for the first 6 months.)

Excited? Join us and transform the future of commerce experiences

If this position doesn't suit you, but you know someone who might be a great fit, share it - we will be very grateful

Any unsolicited resumes/candidate profiles submitted through our website or to personal email accounts of employees of Bloomreach are considered property of Bloomreach and are not subject to payment of agency fees.

  • it security analyst iii

    3 days ago

    Prague, Hlavní město Praha, Czech Republic Tesco Full time €80,000 - €120,000 per year

    Tesco Czech Republic • Prague • Hybrid • Full-Time • Permanent • Apply by 28-Aug-2026About the roleWe are looking for an experienced, senior IT Security Analyst who supports the strengthening of Oracle and SQL DBs security posture, focusing on one or more of the following: risk management, regulatory compliance, threat security policy development...

  • Sr. Specialist, Information Security Compliance

    3 days ago

    Prague, Hlavní město Praha, Czech Republic Novartis Full time 900,000 - 1,200,000 per year

    SummaryLocation: Prague, Czech Republic; #LI-Hybrid (12 days/month in office)Internal job title: Sr. Spec. DDIT ISC BISE IES The role is based in Prague. Novartis is unable to offer relocation support for this role: please only apply if this location is accessible for you. About the Role: The information Security and Compliance team is looking for a Sr....

  • Information Security Analyst

    3 days ago

    Prague, Hlavní město Praha, Czech Republic Deutsche Börse Full time €40,000 - €80,000 per year

    Build the future of financial markets. Build yours.Ready to make a real impact in the financial industry? At Deutsche Börse Group, we'll empower you to grow your career in a supportive and inclusive environment. With our unique business model, driven by 15,000 colleagues around the globe, we actively shape the future of financial markets. Join our One...

  • Trade Compliance Analyst

    1 day ago

    Prague, Hlavní město Praha, Czech Republic Pure Storage Full time €45,000 - €55,000 per year

    We're in an unbelievably exciting area of tech and are fundamentally reshaping the data storage industry. Here, you lead with innovative thinking, grow along with us, and join the smartest team in the industry.This type of work—work that changes the world—is what the tech industry was founded on. So, if you're ready to seize the endless opportunities and...

  • Senior Security

    3 days ago

    Prague, Hlavní město Praha, Czech Republic Bloomreach Full time €30,000 - €60,000 per year

    Bloomreach is building the world's premier agentic platform for personalization.We're revolutionizing how businesses connect with their customers, building and deploying AI agents to personalize the entire customer journey. We're taking autonomous search mainstream, making product discovery more intuitive and conversational for customers, and more...

  • Sr. Compliance Specialist

    12 hours ago

    Prague, Hlavní město Praha, Czech Republic Teradata Full time €70,000 - €120,000 per year

    Our CompanyAt Teradata, we believe that people thrive when empowered with better information. That's why we built the most complete cloud analytics and data platform for AI. By delivering harmonized data, trusted AI, and faster innovation, we uplift and empower our customers—and our customers' customers—to make better, more confident decisions. The...

  • Security Architect

    3 days ago

    Prague, Hlavní město Praha, Czech Republic Dentons Full time €80,000 - €100,000 per year

    Dentons is the world's largest law firm, renowned for its commitment to delivering innovative legal solutions to clients around the globe. With offices in over 160 countries and a team of legal professionals dedicated to excellence, Dentons offers a dynamic and inclusive work environment. Dentons DES:  Dentons Europe Services (DES) in Prague is at the...

  • Security Architect

    3 days ago

    Prague, Hlavní město Praha, Czech Republic Dentons Full time €80,000 - €120,000 per year

    Dentons is the world's largest law firm, renowned for its commitment to delivering innovative legal solutions to clients around the globe. With offices in over 160 countries and a team of legal professionals dedicated to excellence, Dentons offers a dynamic and inclusive work environment.Dentons DES:Dentons Europe Services (DES) in Prague is at the forefront...

  • Senior Data Analyst/Compliance Officer Analytics

    3 days ago

    Prague, Hlavní město Praha, Czech Republic Deutsche Börse Group Full time €60,000 - €90,000 per year

    Your area of work:The Compliance Function works in close coordination with the individual business units and other group control functions to ensure compliance with national and international laws, rules, and regulations applicable to various units of the Deutsche Börse Group and its business activities. The Compliance Function has a proactive role in the...

  • Associate Cyber Intelligence Analyst

    3 days ago

    Prague, Hlavní město Praha, Czech Republic Rapid7 Full time €45,000 - €60,000 per year

    Rapid7 is looking for an Associate Threat Intelligence Analyst to join our Collection team and take our threat intelligence collection capabilities to the next level.About the TeamAs an Associate Threat Intelligence Analyst within the Collection Team at Rapid7, you will be responsible for identifying, obtaining, and ingesting high-value compromised data from...