Lead Engineer - Information Security
Tata Unistore
Mumbai, India
3d ago

Job Description

Tata CLiQ is the flagship digital commerce initiative of the Tata Group. It is a multi-category e-commerce platform, operating across categories such as Fashion, Footwear and Accessories, Electronics and Luxury.

At CLiQ, we encourage experiments and creativity in Technology. We develop and use technology to enhance day-to-day life and have a positive impact on customers.

Tata CLiQ has a unique omni-channel marketplace model offering customers the convenience of quicker delivery (by shipping from store), easy pick-up and returns, across 1,200+ brands and 1,000 stores in 100+ Indian towns and cities.

It is also India-s definitive destination for exclusive Fashion and Electronics brands.

Here's what we believe in :

We obsess over customer delight

We are out there to find an alternate way of doing e-commerce

We carry an attitude to develop a culture of learning and continuous improvement, both for people and processes

Our goals will be ambitious, demand significant stretch

We believe in Uncomfortable Transparency

We will always be respectful, empathetic and caring about the well-being of our teams

1.Perform network vulnerability assessments to identify vulnerabilities and articulating security issues to technical and non-technical audience

2. Provide operational analysis of vulnerabilities and threats to information systems

3. Identify, analyze and prioritize discovered security exposures and follow up with IT staff to remediate findings and confirm compliance to security standards

4. Contribute in running and enhancing vulnerability management strategies, action plans and execute them in safeguarding organization from emerging threats and methods of exploitation

5. Analyze and suggest configurations & hardening settings of different Operating Systems, Network Devices, Databases and Web Servers as required

6. Ensure the vulnerability scanning coverage is up to date and new assets are added to scans as in when discovered or added

7. Work with central Vulnerability tools management team to resolve / fulfil any issues or requirements regarding the central provided vulnerability assessment infrastructure

8. Interact with Senior Management, Incident Response and Risk Management teams to provide security assessments, security gap-analysis, audit reports and recommendations

9. Develop, document and implement data security procedures that enforce information security standards

10. Perform other security-related duties as requested


1. Understanding of and experience with performing network based vulnerability scans using related tools - Nessus, Open source tools or equivalent

2. Experience in false positive cases handling on networks and systems

3. In-depth understanding of various types of network & web based attacks and mitigation

4. Familiarity with well-known vulnerabilities and exploits to understand its impact on business

5. Excellent understanding of the OSI model and TCP / IP

6. Excellent Communication skills both Oral and Written

7. Ready to work stretched hours

8. An excellent team player who also can lead a team and mentor his peers when required

9. Contribute in knowledge sharing initiatives within organization to build Centre of Excellency for Vulnerability Assessment and Penetration testing

Basic Qualifications :

1.8-10 years of experience in Vulnerability Assessment delivery for large organizations

2.Hands-on information security manager with experience on Agile and best-in-class application security practices.

3.Experience in managing vulnerability assessments / Security / Agile projects

Preferred Skills

1.Intermediate understanding of information security risks, website vulnerabilities, and appropriate defence strategies

2. Ability to build and lead a team of security engineers

3. Strong documentation and record retention skills for maintaining auditable artifacts

4. Ability to work with multiple deliverables

5. Good working knowledge of MS Office products

6. Security certifications in one of the following GPEN, GXPN, GWAPT, GAWN, OSCE, OSCP, LPT, CEPT, CPT, CEH, ESCA, GSNA, or CISA.

7.Good to have Information Security Certifications in one of the following, CISSP, CISM, CAP, GSLC, and / or GISF

The opportunities we us have are perfect for highly motivated and talented candidates.

We are looking for candidates who have strong passion for customers, a high level of comfort with uncomfortable transparency, and a keen sense of ownership and drive to deliver results.

So QUiQ - PiQ - CliQ before the opportunity is missed

Report this job

Thank you for reporting this job!

Your feedback will help us improve the quality of our services.

My Email
By clicking on "Continue", I give neuvoo consent to process my data and to send me email alerts, as detailed in neuvoo's Privacy Policy . I may withdraw my consent or unsubscribe at any time.
Application form