Lead Cybersecurity Engineer

17 hours ago


Gurugram Gurugram India Delhivery Full time

Job Description

About Delhivery

We are India's largest fully integrated logistics provider. We aim to build the operating system for commerce through a combination of world-class infrastructure, logistics operations of the highest quality and cutting-edge engineering and technology capabilities. Since its inception in 2011, our team has successfully fulfilled over 2 billion orders across India. We have built a nation-wide network with a presence in every state, servicing over 18,600 pin codes. 24 automated sort centres, 94 gateways, 2880 direct delivery centres, and a team of over 57,000 people make it possible for us to deliver 24 hours a day, 7 days a week, 365 days a year.

Vision

We aim to build the operating system for commerce through a combination of world- class infrastructure, logistics operations of the highest quality, and cutting-edge engineering and technology capabilities.

We're looking for a Lead Cyber Security Engineer who will manage and drive the technical execution of our core cybersecurity programs across our digital ecosystem. In this critical, hands-on role, you'll manage security assessment programs including in-depth Vulnerability Assessment and Penetration Testing (VAPT) of applications, network infrastructure, cloud environments, and APIs. You'll be instrumental in the shift-left security paradigm, assisting in the development and implementation of DevSecOps practices, securing our CI/CD pipelines, and embedding security throughout the SDLC. You'll also manage our proactive defenses through Red Teaming exercises and lead our reactive capabilities via Incident Response and Threat Intelligence.

Roles and Responsibilities

- Lead Security Assessment and VAPT: Own, plan, and execute comprehensive Vulnerability Assessment and Penetration Testing (VAPT) across all key domains: Applications (Web/Mobile), Network Infrastructure, Cloud Environments, and APIs.
- Vendor Management (VAPT, Assessments, & Red Teaming): Manage external security vendors and stakeholders responsible for performing VAPT, security assessments, penetration testing, and Red Teaming exercises, ensuring high-quality execution, scope adherence, and timely delivery of actionable reports.
- Network Penetration Testing: Specifically scope, lead, and conduct advanced network pentesting to identify critical flaws in segmentation, configuration, and architecture.
- Red Teaming: Design and lead periodic Red Teaming and sophisticated attack simulation exercises to test the resilience of our security controls, detection capabilities, and incident response procedures.
- Coordinate with stakeholders to prioritize and drive the remediation of all identified security vulnerabilities, misconfigurations, and flaws.
- Leverage AI, machine learning, and security automation principles to increase program efficiency, standardize processes, and automate repetitive security tasks.
- SDLC Security & DevSecOps: Drive the integration of security controls and automation throughout the Software Development Life Cycle (SDLC), promoting a secure-by-design culture.
- Assist with DevSecOps & CI/CD Security: Directly assist in implementing and improving DevSecOps practices, focusing on securing the CI/CD pipelines and configuration management.
- Implement and manage security tools like SAST, DAST, and IAST, ensuring seamless integration into developer workflows.
- Cloud Security: Drive cloud security initiatives by implementing infrastructure-as-code security, configuration best practices, and compliance frameworks across cloud environments (e.g., AWS, Azure, GCP).
- Incident Response & Threat Intel: Oversee the entire Incident Response (IR) lifecycle, including threat hunting, forensics, mitigation, and post-incident analysis.
- SOC: Oversee the performance of external Security Operations Center (SOC) vendors or MSSPs, ensuring alignment with internal IR processes and effective threat monitoring.
- Continuously enhance the organization's threat landscape understanding by leveraging and operationalizing threat intelligence and managing the external attack surface.
- Vulnerability Management: Own the end-to-end technical vulnerability management program, including scanning, prioritization (leveraging threat intelligence), reporting, and tracking remediation efforts across the infrastructure and application portfolio.

Experience & Skills

- 5+ years of progressive experience in cybersecurity roles, with a proven track record in managing complex security initiatives.
- Minimum of 1-2 years of proven team handling or technical leadership experience mentoring engineers, defining project tasks, and managing team workload.
- Expert-level, hands-on experience managing and executing VAPT for applications, networks, cloud infrastructure, and APIs.
- Deep experience in technical Vulnerability Management, including managing scanning tools, driving prioritization, and tracking remediation at scale.
- Proven experience managing external vendors for critical security services, including VAPT, Security Assessments, SOC, and Red Teaming.
- Proven experience in offensive security, including leading or significantly contributing to Red Teaming or complex adversary emulation exercises.
- Deep understanding and practical experience in implementing DevSecOps principles and securing CI/CD pipelines.
- Strong practical experience with Incident Response and leveraging Threat Intelligence for proactive defense and analysis.
- Experience/knowledge of leveraging AI for security automation and program management.
- Relevant technical certifications like OSCP, GPEN, OSWE, Cloud Security Specialty etc are preferred.
- Excellent communication, technical advisory, and stakeholder management skills.



  • Gurugram, Gurugram, India Nykaa Full time

    Job Description Job Title: Security Engineer III Work Office- 5 days Location- Gurgaon About Us: Nykaa is a leading e-commerce platform that combines fashion and technology to deliver a seamless shopping experience. To fortify our commitment to security, we are seeking a dedicated Cyber Security engineer to join our team. If you have a strong background...


  • Gurugram, India BhaiFi - Reimagining Networks Full time

    About The RoleWe are seeking aData Science Managerto lead the development of machine learning models and advanced analytics for network security applications. In this role, you will guide data science initiatives, oversee model design and validation, and manage project delivery timelines. You will collaborate closely with engineers, mentor junior team...

  • Telecom Lead Engineer

    2 weeks ago


    Gurugram, India Right Advisors Private Limited Full time

    Hiring: Telecom Lead EngineerTURKISH MNC OIL N GAS Division Location:– UK / Gurgaon Reports to:Electrical Engineering Group Supervisor Role Summary: Lead telecom engineering & integration forOil & Gas EPC projects(FEED, Detailed Design & EPC phases).Responsible for telecom system design, cybersecurity compliance, and seamless integration with...


  • Gurugram, India NIIT Limited Full time

    About the Role We are seeking a strategic and entrepreneurial product leader to spearhead our Cyber GTM Office at NIIT. This role blends market-facing product leadership with internal orchestration across NIIT's cybersecurity offerings. Your charter is to craft value-driven learning pathways, define commercial solution bundles, and drive business outcomes by...


  • Gurugram, India Lakn Design Technologies Gurugram Full time

    IT Support Engineer Cloud, Cybersecurity & Team Management Company Website: Location: 17th Floor, MAGNUM GLOBAL PARK Golf Course Ext. Road, Sector 58 Gurugram, Haryana 1. Name of the Role: IT Support Engineer Cloud, Cybersecurity & Team Management 2. Required Experience: 5+ years (preferably with at least 2 years in a leadership or supervisory capacity)...


  • India Quest Global Full time ₹ 9,00,000 - ₹ 12,00,000 per year

    Job Requirements Cybersecurity system design work for an overseas railway vehicle control system projectOrganizing and analyzing customer cybersecurity requirements and creating requirements specificationsDiscussing and leading specifications with customers regarding cybersecurity requirements specificationsAnalyzing gaps between cybersecurity requirements...


  • India Luxoft Full time

    Remote India, India Cybersecurity Automotive Industry 26/09/2024 Req. VR-106960 **Project description**: As an Automotive Cybersecurity Testing Expert, you will play a vital role in ensuring the security of OEMs and Tier-1 suppliers. You will be responsible for leading and executing Automotive Cybersecurity Testing...


  • Gurugram, India NIIT Full time

    Cybersecurity GTM Product Manager (7-10 the RoleWe are seeking a strategic and entrepreneurial product leader to spearhead our Cyber GTM Office at NIIT. This role blends market-facing product leadership with internal orchestration across NIIT's cybersecurity offerings.Your charter is to craft value-driven learning pathways, define commercial solution...


  • Gurugram, India Siemens Technology Full time

    Job Description We at Smart Infrastructure Division in Siemens Ltd. is one of the top tier global suppliers of products, systems, solutions, and services for the efficient, reliable, and intelligent transmission and distribution of electrical power. As the trusted partner for the development and extension of an efficient and reliable power infrastructure...


  • Gurugram, Gurugram, India Visiblaze Full time

    Job Description About the Role We are hiring a Senior Engineering Manager to lead the technical strategy, architecture, and delivery of our cybersecurity platform. This is a hands-on leadership role: you&aposll be building and scaling a small, high-performing team, owning end-to-end engineering execution, and laying the foundation for our product and...