Lead Cybersecurity Engineer
3 weeks ago
Job Description
About Delhivery
We are India's largest fully integrated logistics provider. We aim to build the operating system for commerce through a combination of world-class infrastructure, logistics operations of the highest quality and cutting-edge engineering and technology capabilities. Since its inception in 2011, our team has successfully fulfilled over 2 billion orders across India. We have built a nation-wide network with a presence in every state, servicing over 18,600 pin codes. 24 automated sort centres, 94 gateways, 2880 direct delivery centres, and a team of over 57,000 people make it possible for us to deliver 24 hours a day, 7 days a week, 365 days a year.
Vision
We aim to build the operating system for commerce through a combination of world- class infrastructure, logistics operations of the highest quality, and cutting-edge engineering and technology capabilities.
We're looking for a Lead Cyber Security Engineer who will manage and drive the technical execution of our core cybersecurity programs across our digital ecosystem. In this critical, hands-on role, you'll manage security assessment programs including in-depth Vulnerability Assessment and Penetration Testing (VAPT) of applications, network infrastructure, cloud environments, and APIs. You'll be instrumental in the shift-left security paradigm, assisting in the development and implementation of DevSecOps practices, securing our CI/CD pipelines, and embedding security throughout the SDLC. You'll also manage our proactive defenses through Red Teaming exercises and lead our reactive capabilities via Incident Response and Threat Intelligence.
Roles and Responsibilities
- Lead Security Assessment and VAPT: Own, plan, and execute comprehensive Vulnerability Assessment and Penetration Testing (VAPT) across all key domains: Applications (Web/Mobile), Network Infrastructure, Cloud Environments, and APIs.
- Vendor Management (VAPT, Assessments, & Red Teaming): Manage external security vendors and stakeholders responsible for performing VAPT, security assessments, penetration testing, and Red Teaming exercises, ensuring high-quality execution, scope adherence, and timely delivery of actionable reports.
- Network Penetration Testing: Specifically scope, lead, and conduct advanced network pentesting to identify critical flaws in segmentation, configuration, and architecture.
- Red Teaming: Design and lead periodic Red Teaming and sophisticated attack simulation exercises to test the resilience of our security controls, detection capabilities, and incident response procedures.
- Coordinate with stakeholders to prioritize and drive the remediation of all identified security vulnerabilities, misconfigurations, and flaws.
- Leverage AI, machine learning, and security automation principles to increase program efficiency, standardize processes, and automate repetitive security tasks.
- SDLC Security & DevSecOps: Drive the integration of security controls and automation throughout the Software Development Life Cycle (SDLC), promoting a secure-by-design culture.
- Assist with DevSecOps & CI/CD Security: Directly assist in implementing and improving DevSecOps practices, focusing on securing the CI/CD pipelines and configuration management.
- Implement and manage security tools like SAST, DAST, and IAST, ensuring seamless integration into developer workflows.
- Cloud Security: Drive cloud security initiatives by implementing infrastructure-as-code security, configuration best practices, and compliance frameworks across cloud environments (e.g., AWS, Azure, GCP).
- Incident Response & Threat Intel: Oversee the entire Incident Response (IR) lifecycle, including threat hunting, forensics, mitigation, and post-incident analysis.
- SOC: Oversee the performance of external Security Operations Center (SOC) vendors or MSSPs, ensuring alignment with internal IR processes and effective threat monitoring.
- Continuously enhance the organization's threat landscape understanding by leveraging and operationalizing threat intelligence and managing the external attack surface.
- Vulnerability Management: Own the end-to-end technical vulnerability management program, including scanning, prioritization (leveraging threat intelligence), reporting, and tracking remediation efforts across the infrastructure and application portfolio.
Experience & Skills
- 5+ years of progressive experience in cybersecurity roles, with a proven track record in managing complex security initiatives.
- Minimum of 1-2 years of proven team handling or technical leadership experience mentoring engineers, defining project tasks, and managing team workload.
- Expert-level, hands-on experience managing and executing VAPT for applications, networks, cloud infrastructure, and APIs.
- Deep experience in technical Vulnerability Management, including managing scanning tools, driving prioritization, and tracking remediation at scale.
- Proven experience managing external vendors for critical security services, including VAPT, Security Assessments, SOC, and Red Teaming.
- Proven experience in offensive security, including leading or significantly contributing to Red Teaming or complex adversary emulation exercises.
- Deep understanding and practical experience in implementing DevSecOps principles and securing CI/CD pipelines.
- Strong practical experience with Incident Response and leveraging Threat Intelligence for proactive defense and analysis.
- Experience/knowledge of leveraging AI for security automation and program management.
- Relevant technical certifications like OSCP, GPEN, OSWE, Cloud Security Specialty etc are preferred.
- Excellent communication, technical advisory, and stakeholder management skills.
-
Apply Now: Lead Security Engineer
3 weeks ago
Gurugram, Gurugram, India Nykaa Full timeJob Description Job Title: Security Engineer III Work Office- 5 days Location- Gurgaon About Us: Nykaa is a leading e-commerce platform that combines fashion and technology to deliver a seamless shopping experience. To fortify our commitment to security, we are seeking a dedicated Cyber Security engineer to join our team. If you have a strong background...
-
Automotive Cybersecurity Engineer
2 weeks ago
Hyderabad, India The Goodyear Tire & Rubber Company Full timeJob Description Job responsibilities - Lead and moderate the creation of cybersecurity concepts, including, but not limited to, threat analysis and risk assessment(TARA), cybersecurity goal definition, and the definition of cybersecurity specifications - Support project teams in discussions and analysis with internal and external stakeholders - Experience...
-
Lead Software Engineer
3 weeks ago
Bengaluru, India GE Vernova Full timeJob Description Job Description Summary Join our innovative Software Security team at GE Vernova where technology meets critical infrastructure protection. We're building next-generation cybersecurity solutions that safeguard energy systems worldwide while driving digital transformation in the energy sector. We are seeking an experienced Lead Software...
-
Cybersecurity Operations Lead
3 weeks ago
Hyderabad, India NationsBenefits Full timeJob Description The Cybersecurity Lead is responsible for driving the organization's cybersecurity strategy, leading investigations, and guiding the operational execution of critical security initiatives. This position serves as a primary point of contact for cross-functional security matters, balancing hands-on technical work with mentoring and influencing...
-
NIIT - Cybersecurity GTM Product Manager
3 weeks ago
Gurugram, India NIIT Full timeCybersecurity GTM Product Manager (7-10 the RoleWe are seeking a strategic and entrepreneurial product leader to spearhead our Cyber GTM Office at NIIT. This role blends market-facing product leadership with internal orchestration across NIIT's cybersecurity offerings.Your charter is to craft value-driven learning pathways, define commercial solution...
-
Cybersecurity Auditor
1 week ago
Gurugram, Haryana, India Insight Enterprises, Inc. Full time**Requisition Number**: **92905** Cybersecurity Auditor I The Global GRC (Governance, Risk & Compliance) Group (G-GRC) is responsible for driving continuous improvements Globally aligning all compliance & audit efforts to improve overall compliance at Insight. The G-GRC aims to continuously improve the coordination of people, processes and technologies...
-
Gurugram, India Talent Worx Full timeSeeking a dynamic and experienced professional to lead its Cyber Security Practice, with core expertise in vulnerability management, DevSecOps, penetration testing, application and network security. This leader will play a key role in shaping and scaling attack management services, delivering high-impact solutions to clients, and guiding the next generation...
-
Gurugram, India Talent Worx Full timeSeeking a dynamic and experienced professional to lead its Cyber Security Practice, with core expertise in vulnerability management, DevSecOps, penetration testing, application and network security. This leader will play a key role in shaping and scaling attack management services, delivering high-impact solutions to clients, and guiding the next generation...
-
Cyber Security Engineer
3 weeks ago
Gurugram, Gurugram, India Fluidech Full timeJob Description Title: Engineer / Senior EngineerCybersecurity (OT Systems) Location:Onsite Gurugram, Haryana, India Duration:Full-Time Role Company: Fluidech IT Services Private Limited Company Overview: - FLUIDECH, an ESCONET group company and a deemed public company, is a technology consulting and managed services firm specialising in cybersecurity. -...
-
Max Healthcare
3 weeks ago
Gurugram, India Max Healthcare Institute Ltd. Full timeJob title : Deputy / Manager - Cybersecurity Governance, Risk & Compliance (GRC). Roles & Responsibilities:.- We are seeking a highly motivated and detail-oriented Cybersecurity GRC Manager to lead our information security governance and compliance initiatives.- The ideal candidate will have deep expertise in implementing and managing ISO 27001:2022, SOC 2,...