About the role
We are the trusted security advisors for
Tesco Technology. Our purpose is to collaborate seamlessly with the product and
engineering teams, leveraging our deep expertise in cyber security to design
and implement robust, resilient solutions that protect our business and
customers from cyber threats. We are a dynamic and expanding global team of 15+
experts, serving as the strategic link between the wider security group and
software engineering teams thatdevelop cutting-edge services at scale to
support the retail business.
This groundbreaking opportunity gives you
the chance to work as the Security Partner for chosen verticals within the
engineering domain. You will be part of a dynamic team that supports Tesco
technology and software development teams across cloud and other innovative
technologies at scale.
You will be responsible for
* Build a
good understanding of the aligned verticals, the technology architecture,
the criteria and constraints, the security posture and technical debts.
* Understand
the threat landscape and take a risk-based approach on security.
* Drive
security initiatives such as developing security requirements, threat
modelling, strengthening application security, vulnerability reduction,
etc., across product areas.
* Review
architecture and design for security problems, indulge in enabling
software development teams to use security capabilities and tooling
provided by Tesco.
* Be ready
to review critical code, build pipelines, deployment methods, etc., and
assist teams in improving overall security.
* Apply
security and privacy principles in your daily job.
* Facilitate
risk remediation and challenge decisions and status-quo.
* Participate
in assurance activities like penetration testing, purple testing, and app
assurance.
* Develop
quarterly/monthly roadmaps for security activities and plan them with
collaborators.
* Be an
evangelist for security and contribute to strengthening Tesco's internal
policies and standards.
You will need
* Strong
written and verbal communication skills.
* Strong
problem-solving, analysis, and computational skills.
* Ability
to drive tactical vs. strategic decision-making.
* Advocacy
for change.
* Work
experience in customer-facing solutions, web technologies, payment
systems, content delivery networks, REST APIs, microservices, and modern
application development.
* Understanding
of the evolving threat landscape and ability to identify business risks.
* Good
understanding of public cloud services and various architecture patterns.
* Strong
grasp of software, network, and infrastructure security.
* Deep
understanding of application security and DevSecOps (shift-left culture).
* Knowledge
of general security principles, privacy principles, and industry standards
such as NIST, ISO27001, CIS, and MITRE framework.
- Preferred
Azure or AWS cloud security certifications
Whats in it for you?
We're all about the little helps. That's why we make sure our Tesco colleague benefits package takes care of you – both in and out of work. Click Here to find out more
* Annual bonus scheme of up to 20% of base salary
* Holiday starting at 25 days plus a personal day (plus Bank holidays)
* Private medical insurance
* 26 weeks maternity and adoption leave (after 1 years' service) at full pay, followed by 13 weeks of Statutory Maternity Pay or Statutory Adoption Pay, we also offer 4 weeks fully paid paternity leave
* Free 24/7 virtual GP service, Employee Assistance Programme (EAP) for you and your family, free access to a range of experts to support your mental wellbeing
About Us
Our vision at Tesco is to become every customer's favourite way to shop, whether they are at home or out on the move. Our core purpose is 'Serving our customers, communities and planet a little better every day'. Serving means more than a transactional relationship with our customers. It means acting as a responsible and sustainable business for all stakeholders, for the communities we are part of and for the planet.
We are proud to have an inclusive culture at Tesco where everyone truly feels able to be themselves. At Tesco, we not only celebrate diversity, but recognise the value and opportunity it brings. We're committed to creating a workplace where differences are valued, and make sure that all colleagues are given the same opportunities. We're proud to have been accredited Disability Confident Leader and we're committed to providing a fully inclusive and accessible recruitment process. For further information on the accessibility support we can offer, please click here.
We're a big business and we can offer a range of diverse full-time & part-time working patterns across our many business areas, which means that we can find something that works for you. We work in a more blended pattern - combining office and remote working. Our offices will continue to be where we connect, collaborate and innovate. If you are applying internally, please speak to the Hiring Manager about how this can work for you - Everyone is welcome at Tesco.