Tata CLiQ is the flagship digital commerce initiative of the Tata Group. It is a multi-category e-commerce platform, operating across categories such as Fashion, Footwear and Accessories, Electronics and Luxury.
At CLiQ, we encourage experiments and creativity in Technology. We develop and use technology to enhance day-to-day life and have a positive impact on customers.
Tata CLiQ has a unique omni-channel marketplace model offering customers the convenience of quicker delivery (by shipping from store), easy pick-up and returns, across 1,200+ brands and 1,000 stores in 100+ Indian towns and cities. It is also India-s definitive destination for exclusive Fashion and Electronics brands.
Here’s what we believe in:
We obsess over customer delight
We are out there to find an alternate way of doing e-commerce
We carry an attitude to develop a culture of learning and continuous improvement, both for people and processes
Our goals will be ambitious, demand significant stretch
We believe in Uncomfortable Transparency
We will always be respectful, empathetic and caring about the well-being of our teams
Position Summary:
Enterprise Security Architect (Director – T5 Level) will play an integral role in defining and managing application and infrastructure security controls, architecture and practices. Effectively translate business objectives and risk management strategies into specific security processes enabled by security technology solutions, controls and services.
Responsibilities:
. Develop and maintain a security solutions architecture and associated process to develop and implement security solutions and capabilities aligned with business, technology, and threat drivers
. Develop and maintain secure coding practices in coordination with DevOps teams
. Develop standards, security solutions and practices for application security, operating systems, network segmentation and cloud infrastructure security
. Track developments and changes in the digital business platform and threat environments to ensure that they-re adequately addressed in security strategy plans and architecture
. Validate application, cloud and IT infrastructure, third party technology/application services and other reference architectures for security best practices and recommend changes to enhance security and reduce risks
. Validate security configurations and access to security infrastructure tools, including AppSec, Cloud, CDN, firewalls, IPSs, WAFs and anti-malware/endpoint protection systems
. Conduct or facilitate vulnerability assessment, penetration testing and threat modeling of services and applications that tie to the risk and data associated with the service or application
. Support the testing and validation of internal security controls, as directed the audit team
. Review security technologies, tools and services, and makes recommendations to the broader security team for their use, based on security, financial and operational metrics
Experience
More than 15 years of experience in security domain including leading the application and infrastructure security function.
. Experience in using architecture methodologies and frameworks such as DevSecOps, OWASP, NIST, CSA, SAMM, TOGAF.
. Direct, hands-on experience or strong working knowledge of managing security infrastructure – e.g., firewalls, intrusion prevention systems (IPSs), web application firewalls (WAFs), endpoint protection, SIEM and log management technology.
. Experience reviewing application code for security vulnerabilities, securing CI/CD pipelines.
. Direct, hands-on experience or a strong working knowledge of vulnerability management tools.
. Experience and a strong working knowledge of the methodologies to conduct threat-modeling exercises on new applications and services.
. Experience designing security for deployment of applications and infrastructure into public cloud services.
. Full-stack knowledge of IT infrastructure:
. Applications
. Databases
. Operating systems – Windows, Unix and Linux
. Hypervisors
. IP networks – WAN and LAN
. Storage networks – Fibre Channel, iSCSI and NAS
. Backup networks and media
. Containers/Kubernetes
. Direct experience designing IAM technologies and services:
The opportunities we us have are perfect for highly motivated and talented candidates.
We are looking for candidates who have strong passion for customers, a high level of comfort with uncomfortable transparency, and a keen sense of ownership and drive to deliver results.
So QUiQ – PiQ – CliQ before the opportunity is missed


Source link