Logo-of-Staples-India-Business-Innovation-Hub-hiring-for-jobs-in-India-on-GrabJobs

Lead Cybersecurity Engineer Bot Detection

Job Description - Lead Cybersecurity Engineer Bot Detection

The Bot Detection Engineer is responsible for analyzing, implementing, and operating solutions that detect, analyze, and mitigate automated bot traffic across digital platforms, including web, mobile, and APIs. This role focuses on protecting ecommerce and customer facing applications from credential stuffing, scraping, account takeover, fraud, and abuse, while minimizing friction for legitimate users. The engineer partners closely with application teams, fraud, SRE, and security operations to continuously tune detection logic, respond to evolving attacker techniques, and improve overall digital resilience. 

Duties & Responsibilities

Considered a high -level specialist who regularly interacts and works with senior management.

Uses advanced techniques, theories, and processes to complete work. Next step is typically management.

Typically reports to a department head or manager.

Performs work independently.

Competencies: Technical expertise. Problem -solving skills. Interpersonal skills. Leadership skills.
 Ecommerce Fraud Attack Types, familiarity with:


·  Credential stuffing / ATO (high -velocity login attempts, distributed IPs, low -and -slow)


·  Carding (payment endpoint probing with small authorizations)


·  Scraping (catalog/search/product detail harvesting, pricing intelligence)


·  Scalping / inventory denial (add -to -cart / checkout automation)


·  Promo/gift card abuse

Telemetry + logging mastery:  They should be comfortable using and correlating:

·                 WAF/CDN logs (Akamai, Cloudflare, Fastly, etc.)

·                 Application logs (auth events, checkout errors, user agent hints)

·                 API gateway logs

·                 SIEM (Splunk/Kusto/Sentinel) for investigations and dashboards

Skills to target:

·        Feature engineering (rate, burst, entropy, distribution anomalies)

Baselines (normal traffic vs anomaly)

Detection tuning (reduce false positives without losing coverage)

Building golden signals: login failure rate, unique IPs per account, new device rate, checkout abandonment spikes, 4xx/5xx patterns



Web, HTTP, and Browser Automation Understanding (Must -Have)

Protocols + client behavior

·       Deep understanding of HTTP (headers, cookies, caching, redirects, TLS)

Browser/runtime differences: headless Chrome, Playwright/Puppeteer, Selenium

Bot fingerprint concepts:

o        JS execution signals

navigator / canvas / WebGL anomalies

cookie integrity, token binding ideas

TLS / JA3 -style fingerprinting (conceptually)

Edge/WAF/CDN Rule Engineering (Must -Have)

·         Writing and tuning WAF rules / bot policies

Rate limiting strategies (global, per IP, per session, per account, per ASN)

Challenge flows (JS challenge, CAPTCHA, proof -of -work style concepts)

Allowlist/denylist governance (and how allowlists get abused)

Release discipline:

·          Staged deployment: monitor → alert → soft block → hard block

A/B testing of mitigation to protect conversion








Requirements

Basic Qualifications

Proven experience in designing and implementing security systems.

Deep understanding of various security protocols and measures.





Preferred Qualifications

Professional certifications such as CISSP, CISM, or similar.

Master's degree in a relevant field.







Original job Lead Cybersecurity Engineer Bot Detection posted on GrabJobs ©. To flag any issues with this job please use the Report Job button on GrabJobs.
Share Job
Share Job

Similar Lead Cybersecurity Engineer Jobs in India

GrabJobs is the no1 job portal in India, connecting you to thousands of jobs fast! Find the best jobs in India, apply in 1 click and get a job today!

Mobile Apps

Copyright © 2026 Grabjobs Pte.Ltd. All Rights Reserved.