Staples India Business Innovation Hub Private Limited

Lead Cybersecurity Engineer – Bot Detection

Staples India Business Innovation Hub Private Limited · Chennai, Tamil Nadu, India

Technology, Information and Internet · 201-500 employees

Jun 03
Senior (5-10 yrs) Full-time India
Log in to apply, save this posting, or score it against your profile with AI.

About the role

The Lead Cybersecurity Engineer is responsible for implementing and operating solutions to detect and mitigate automated bot traffic across web, mobile, and API platforms. This includes tuning detection logic to prevent fraud, scraping, and account takeovers while ensuring a seamless experience for legitimate users.

What they look for

Bot Detection WAF Rule Engineering Feature Engineering HTTP Protocol Browser Automation Telemetry Analysis SIEM Rate Limiting Fingerprinting Credential Stuffing Mitigation API Security Fraud Detection Detection Tuning Log Correlation Security Architecture Incident Response

Requirements

Candidates must have proven experience designing security systems and a deep understanding of security protocols and browser automation. Preferred qualifications include a Master's degree and professional certifications such as CISSP or CISM.

Full description

The Bot Detection Engineer is responsible for analyzing, implementing, and operating solutions that detect, analyze, and mitigate automated bot traffic across digital platforms, including web, mobile, and APIs. This role focuses on protecting ecommerce and customer facing applications from credential stuffing, scraping, account takeover, fraud, and abuse, while minimizing friction for legitimate users. The engineer partners closely with application teams, fraud, SRE, and security operations to continuously tune detection logic, respond to evolving attacker techniques, and improve overall digital resilience.

Duties & Responsibilities

Considered a high-level specialist who regularly interacts and works with senior management.

Uses advanced techniques, theories, and processes to complete work. Next step is typically management.

Typically reports to a department head or manager.

Performs work independently.

Competencies: Technical expertise. Problem-solving skills. Interpersonal skills. Leadership skills.

 Ecommerce Fraud Attack Types, familiarity with:

·  Credential stuffing / ATO (high-velocity login attempts, distributed IPs, low-and-slow)

·  Carding (payment endpoint probing with small authorizations)

·  Scraping (catalog/search/product detail harvesting, pricing intelligence)

·  Scalping / inventory denial (add-to-cart / checkout automation)

·  Promo/gift card abuse

Telemetry + logging mastery: They should be comfortable using and correlating:

·                 WAF/CDN logs (Akamai, Cloudflare, Fastly, etc.)

·                 Application logs (auth events, checkout errors, user agent hints)

·                 API gateway logs

·                 SIEM (Splunk/Kusto/Sentinel) for investigations and dashboards

Skills to target:

·        Feature engineering (rate, burst, entropy, distribution anomalies)

Baselines (normal traffic vs anomaly)

Detection tuning (reduce false positives without losing coverage)

Building golden signals: login failure rate, unique IPs per account, new device rate, checkout abandonment spikes, 4xx/5xx patterns

Web, HTTP, and Browser Automation Understanding (Must-Have)

Protocols + client behavior

·       Deep understanding of HTTP (headers, cookies, caching, redirects, TLS)

Browser/runtime differences: headless Chrome, Playwright/Puppeteer, Selenium

Bot fingerprint concepts:

o        JS execution signals

navigator / canvas / WebGL anomalies

cookie integrity, token binding ideas

TLS / JA3-style fingerprinting (conceptually)

Edge/WAF/CDN Rule Engineering (Must-Have)

·         Writing and tuning WAF rules / bot policies

Rate limiting strategies (global, per IP, per session, per account, per ASN)

Challenge flows (JS challenge, CAPTCHA, proof-of-work style concepts)

Allowlist/denylist governance (and how allowlists get abused)

Release discipline:

·          Staged deployment: monitor → alert → soft block → hard block

A/B testing of mitigation to protect conversion

Requirements

Basic Qualifications

Proven experience in designing and implementing security systems.

Deep understanding of various security protocols and measures.

Preferred Qualifications

Professional certifications such as CISSP, CISM, or similar.

Master's degree in a relevant field.