Lead Engineer - Information Security
Tata CLiQ
Mumbai
4d ago

Tata CLiQ is the flagship digital commerce initiative of the Tata Group. It is a multi-category e-commerce platform, operating across categories such as Fashion, Footwear and Accessories, Electronics and Luxury.

At CLiQ, we encourage experiments and creativity in Technology. We develop and use technology to enhance day-to-day life and have a positive impact on customers.

Tata CLiQ has a unique omni-channel marketplace model offering customers the convenience of quicker delivery (by shipping from store), easy pick-up and returns, across 1,200+ brands and 1,000 stores in 100+ Indian towns and cities.

It is also India's definitive destination for exclusive Fashion and Electronics brands.Here’s what we believe in : We obsess over customer delightWe are out there to find an alternate way of doing e-commerceWe carry an attitude to develop a culture of learning and continuous improvement, both for people and processesOur goals will be ambitious, demand significant stretchWe believe in Uncomfortable TransparencyWe will always be respectful, empathetic and caring about the well-being of our teams network vulnerability assessments to identify vulnerabilities and articulating security issues to technical and non-technical audience2.

Provide operational analysis of vulnerabilities and threats to information systems3. Identify, analyze and prioritize discovered security exposures and follow up with IT staff to remediate findings and confirm compliance to security standards4.

Contribute in running and enhancing vulnerability management strategies, action plans and execute them in safeguarding organization from emerging threats and methods of exploitation5.

Analyze and suggest configurations & hardening settings of different Operating Systems, Network Devices, Databases and Web Servers as required6.

Ensure the vulnerability scanning coverage is up to date and new assets are added to scans as in when discovered or added7.

Work with central Vulnerability tools management team to resolve / fulfil any issues or requirements regarding the central provided vulnerability assessment infrastructure8.

Interact with Senior Management, Incident Response and Risk Management teams to provide security assessments, security gap-analysis, audit reports and recommendations9.

Develop, document and implement data security procedures that enforce information security standards10. Perform other security-related duties as requestedRequirements1.

Understanding of and experience with performing network based vulnerability scans using related tools - Nessus, Open source tools or equivalent2.

Experience in false positive cases handling on networks and systems3. In-depth understanding of various types of network & web based attacks and mitigation4.

Familiarity with well-known vulnerabilities and exploits to understand its impact on business5. Excellent understanding of the OSI model and TCP / IP6.

Excellent Communication skills both Oral and Written7. Ready to work stretched hours8. An excellent team player who also can lead a team and mentor his peers when required9.

Contribute in knowledge sharing initiatives within organization to build Centre of Excellency for Vulnerability Assessment and Penetration testingBasic Qualifications : years of experience in Vulnerability Assessment delivery for large organizations information security manager with experience on Agile and best-in-class application security practices.

in managing vulnerability assessments / Security / Agile projectsPreferred Skills understanding of information security risks, website vulnerabilities, and appropriate defence strategies 2.

Ability to build and lead a team of security engineers3. Strong documentation and record retention skills for maintaining auditable artifacts4.

Ability to work with multiple deliverables5. Good working knowledge of MS Office products6. Security certifications in one of the following GPEN, GXPN, GWAPT, GAWN, OSCE, OSCP, LPT, CEPT, CPT, CEH, ESCA, GSNA, or CISA.

to have Information Security Certifications in one of the following, CISSP, CISM, CAP, GSLC, and / or GISF

Report this job
checkmark

Thank you for reporting this job!

Your feedback will help us improve the quality of our services.

Apply
My Email
By clicking on "Continue", I give neuvoo consent to process my data and to send me email alerts, as detailed in neuvoo's Privacy Policy . I may withdraw my consent or unsubscribe at any time.
Continue
Application form