This is a fantastic opportunity to join Tesco’s Cyber Assurance team, part of the wider Cyber Risk function. The Cyber Assurance team is our second line in Technology working with stakeholders to ensure the implementation of proportionate controls to mitigate Tesco’s cyber risk exposure. • Lead, plan and conduct cyber risk assessments for the Group and its subsidiaries, providing recommendations where applicable • Maintain the cyber risk register to ensure risks and mitigations remain relevant and up to date • Monitor compliance with key controls and track status of next steps, reporting on progress to Technology senior management and key stakeholders • Support the refinement of the cyber risk management and assurance framework • Support Technology colleagues with queries relating to cyber risk management and control design/implementation • IT audit/risk management, with examples of managing cyber risk and compliance within an organisation • Experience of assessing of security controls across a variety of technologies and products, recommending improvements where necessary • Experience and knowledge across different security frameworks and standards such as ISO 27001, NIST, CIS • Critical thinking with strong attention to detail and good organisational skills • Strong written, verbal communication and presentation skills, working with all levels of seniority and disciplines within the organisation • Able to build solid working relationships with peers as well as internal and external stakeholders • At least one professional qualification such as CISA, CISM, CISSP or equivalent LI-TI1 LI-Hybrid