Contract type: Permanent
Location: Hatfield (Hybrid working – 3 days in the office)
Working hours per week: 40 hours
Level: Senior
Application Closing Date: Tuesday 31st March 2026
About Us
Our mission is to deliver joy in every shop, through unbeatable choice, unrivalled service, and reassuringly good value.
We’re Ocado Retail, a market‑leading joint venture between Ocado Group and M&S, and the world’s largest dedicated online supermarket, ocado.com. Not only is Ocado.com the only place to shop a full range of M&S food online, it’s also the home to the widest online supermarket range in the UK and champion of small, independent brands. We’re also the brains behind Zoom by Ocado, our same‑day grocery delivery service.
About The Team And The Role
This is an exciting opportunity for a proactive, technically‑minded, and organised Senior Cyber Security Engineer to take a leading role in running our Cyber Security Operations. You will have the opportunity to make your mark by refining our security posture, and working closely with our IT, Data, and Compliance teams. The ideal candidate will review and improve technical controls, processes, and procedures, work with suppliers to monitor service KPIs and SLAs, and strive for exceptional standards of cybersecurity engineering.
What You’ll Do
Security Operations & Incident Response
* Investigate security alerts and assist with incident response, escalating where required.
* Assisting in the creation of incident management plans and play books.
* Work with 3rd parties to monitor for attacks, intrusions, and unusual, unauthorised, or malicious activity.
* Provide assurance in relation to 3rd party security service providers, escalating issues for resolution where appropriate.
Threat Intelligence & Vulnerability Management
* Keeping up to date with the latest security and technology developments, actively researching and evaluating emerging cyber security threats and ways to manage them.
* Support penetration and vulnerability testing, reviewing results, and supporting remedial activities.
* Demonstrates an understanding of the organisational attack surface.
Identity, Access & Data Protection
* Monitor identity and access management, including monitoring for abuse of permissions by authorised system users.
* Monitor and respond to 'phishing' emails and 'pharming' activity.
Risk, Governance & Compliance
* Generate reports for both technical and non-technical staff and stakeholders.
* Maintain an information security risk register and assist with internal and external audits relating to information security.
* Providing input into monthly risk reporting and control matrix (RACM) and associated reporting.
* Provide input into information security policies, standards, and procedures.
Security Architecture, Culture & Leadership
* Test and evaluate security products, and provide input and support for projects to improve and ensure ongoing security.
* Act as a security evangelist supporting staff and projects across the organisation.
* Assist with the creation, maintenance, and delivery of cyber security awareness training for colleagues.
* Mentor, train and provide technical leadership to junior members of the team.
Who You Are
* Core Experience: Must have demonstrated prior experience in a similar analyst or engineer role, including operational experience in cybersecurity incident response and threat hunting.
* Cloud & Network Security: Good understanding of encryption, network, and cloud security. Familiar with Zero trust, CASB, cloud-first concepts, and relevant security tooling. Has a good understanding of techniques for securing and monitoring cloud and network environments, specifically Azure, GCP and AWS.
* Identity & Endpoint Protection: Knowledge and operational experience with Active Directory and modern Identity and Access Management (IAM) solutions (e.g., Okta, Azure AD). Experience with modern endpoint protection (EDR/XDR) is also required.
* Security Tooling: Experience configuring and managing event sources and log collectors for SIEM ingestion. Operational experience in maintaining vulnerability scanning scheduling, policy configuration, and reporting including Cloud Security Posture Management. Any Linux experience is a bonus although this will be minimal.
* Soft Skills: Passion for cyber security and up to date on the latest security technologies. Good written communication skills, for example, to write technical reports. Excellent communication skills and the ability to build strong relationships are a prerequisite.
Nice to Haves
* Industry‑recognised certifications: CompTIA Security+, Azure Security Engineer, AWS Certified Security, Google cloud security engineer, CCSP, CISSP, CEH, CISM or are working towards one (or more) of these qualifications.
What’s In It For You
By joining Ocado Retail, you’ll have the chance to experience life at the world’s largest online retailer, work with an amazing bunch of people who challenge what’s possible each day, and grow your skills and career in online retail.
We’ll also get access to loads of great benefits to sweeten the deal. Here’s a taste of what we offer:
Health & Wellbeing
Private medical insurance with option to add your family, Digital GP appointments, market‑leading family policies, mental health support, discounted gym memberships, dental insurance, and more.
Spend & Save
Annual bonus scheme split between personal and business objectives, recognition with reward platform, up to 7% matched pension contributions, 15% Ocado discount, 20% M&S discount, free breakfast every day in the office, electric vehicle leasing scheme, and free shuttle bus from Hatfield station to the office.
Never miss the moments that matter
Hybrid working, 26 days holiday plus 8 flexible bank holidays, options to buy extra holiday, 2 weeks work from anywhere, and lifestyle break opportunities.
Our Hiring Process
Lucky for us, we receive a high volume of applications and genuinely appreciate the time and effort invested by every candidate. To ensure a fair and thorough process, every application is reviewed by a member of our team. If your skills and experience are a strong match, a Talent Partner will contact you to discuss the role and guide you through the next steps of our hiring process.
Your Application and AI
In the spirit of innovation, we welcome you to use AI tools in your application, just as we use them in our own business at Ocado Retail. However, as you leverage this technology, please don't lose sight of the most important element: your unique self. Your experiences, passions, and personality are what truly set you apart. Ensure that your application still authentically conveys who you are and why you're a great fit for us.
Everyone’s welcome
We’re an equal opportunities employer, which means that we make sure all potential colleagues are treated fairly and equally. We want to ensure everyone has a fair chance to apply; if you need this job description in an alternative format (e.g., larger print, different document type, etc.), please reach out to us at careers@ocadoretail.com and we'll be happy to assist you, and if you require reasonable adjustments during the recruitment process, please let us know on the application form.
#J-18808-Ljbffr