Lead Cybersecurity Engineer – Bot Detection
Staples India Business Innovation Hub Private Limited · Chennai, Tamil Nadu, India
Technology, Information and Internet · 201-500 employees
About the role
The Lead Cybersecurity Engineer is responsible for implementing and operating solutions to detect and mitigate automated bot traffic across web, mobile, and API platforms. This includes tuning detection logic to prevent fraud, scraping, and account takeovers while ensuring a seamless experience for legitimate users.
What they look for
Requirements
Candidates must have proven experience designing security systems and a deep understanding of security protocols and browser automation. Preferred qualifications include a Master's degree and professional certifications such as CISSP or CISM.
Full description
The Bot Detection Engineer is responsible for analyzing, implementing, and operating solutions that detect, analyze, and mitigate automated bot traffic across digital platforms, including web, mobile, and APIs. This role focuses on protecting ecommerce and customer facing applications from credential stuffing, scraping, account takeover, fraud, and abuse, while minimizing friction for legitimate users. The engineer partners closely with application teams, fraud, SRE, and security operations to continuously tune detection logic, respond to evolving attacker techniques, and improve overall digital resilience.
Duties & Responsibilities
Considered a high-level specialist who regularly interacts and works with senior management.
Uses advanced techniques, theories, and processes to complete work. Next step is typically management.
Typically reports to a department head or manager.
Performs work independently.
Competencies: Technical expertise. Problem-solving skills. Interpersonal skills. Leadership skills.
Ecommerce Fraud Attack Types, familiarity with:
· Credential stuffing / ATO (high-velocity login attempts, distributed IPs, low-and-slow)
· Carding (payment endpoint probing with small authorizations)
· Scraping (catalog/search/product detail harvesting, pricing intelligence)
· Scalping / inventory denial (add-to-cart / checkout automation)
· Promo/gift card abuse
Telemetry + logging mastery: They should be comfortable using and correlating:
· WAF/CDN logs (Akamai, Cloudflare, Fastly, etc.)
· Application logs (auth events, checkout errors, user agent hints)
· API gateway logs
· SIEM (Splunk/Kusto/Sentinel) for investigations and dashboards
Skills to target:
· Feature engineering (rate, burst, entropy, distribution anomalies)
Baselines (normal traffic vs anomaly)
Detection tuning (reduce false positives without losing coverage)
Building golden signals: login failure rate, unique IPs per account, new device rate, checkout abandonment spikes, 4xx/5xx patterns
Web, HTTP, and Browser Automation Understanding (Must-Have)
Protocols + client behavior
· Deep understanding of HTTP (headers, cookies, caching, redirects, TLS)
Browser/runtime differences: headless Chrome, Playwright/Puppeteer, Selenium
Bot fingerprint concepts:
o JS execution signals
navigator / canvas / WebGL anomalies
cookie integrity, token binding ideas
TLS / JA3-style fingerprinting (conceptually)
Edge/WAF/CDN Rule Engineering (Must-Have)
· Writing and tuning WAF rules / bot policies
Rate limiting strategies (global, per IP, per session, per account, per ASN)
Challenge flows (JS challenge, CAPTCHA, proof-of-work style concepts)
Allowlist/denylist governance (and how allowlists get abused)
Release discipline:
· Staged deployment: monitor → alert → soft block → hard block
A/B testing of mitigation to protect conversion
Requirements
Basic Qualifications
Proven experience in designing and implementing security systems.
Deep understanding of various security protocols and measures.
Preferred Qualifications
Professional certifications such as CISSP, CISM, or similar.
Master's degree in a relevant field.