Information security analyst - product assurance

Information Security Analyst - Product Assurance


Information Security Analyst - Product Assurance

1 week ago Be among the first 25 applicants

Get AI-powered advice on this job and more exclusive features.

hackajob is collaborating with Sainsbury's DTD to connect them with exceptional tech professionals for this role.

We’d all like amazing work to do, and real work-life balance. That’s waiting for you at Sainsbury’s. Think about the scale it takes for us to feed the nation. The level of data, transactions and variety it involves. Then you’ll realise that ours is a modern software engineering environment because it has to be. We’ve made serious investment into a Tech Academy and into setting standards and principles. We iterate, learn, experiment and push ways of working such as Agile, Scrum and XP. So you can look forward to awesome opportunities in everything from AI to reusable tech.

Job Title / Role

Information Security Analyst - Product Assurance

Reporting to

Information Security Manager - Sainsbury’s

Division/Dept

Data Governance and Information Security (Corporate Services)

Location

Holborn, Coventry, Manchester (Flexible)

In a nutshell

As an Information Security Analyst in the Data Governance and Information Security Team, you will be working within the Product Assurance team who are responsible for ensuring our Engineering and Development communities are building and maintaining secure products through their entire lifecycle.

You will be continually reviewing our security posture and setting the direction on how best to make improvements in line with the evolving threat landscape and core business objectives.

What You Need To Do

As an Information Security Analyst, you will have good all round Infosec experience coupled with finely honed Stakeholder Management skills to ensure that robust security is maintained across our environment.


* Work in a flexible, agile manner within Engineering Families, whilst maintaining appropriate levels of challenge and governance
* Ensure security is built in by design, products are delivered securely with client and employee data appropriately protected
* Define Security Non-Functional Requirements for each project and ensure that they are fulfilled prior to going into service, ensuring the relevant technology standards are applied to specific projects
* Liaise with the Information Security Testing Team to ensure that Ethical Hacking, Code Reviews, Application Scanning, and Infrastructure Scanning is conducted.
* Provide end to end assurance of IT products across the Group, throughout its lifecycle, providing approvals where appropriate
* Articulate risk in technical and non-technical terminology so that it can be interpreted by IT and Business individuals alike.
* Help identify, assess, and manage strategic, operational and emerging risks affecting the Cloud and Data, and articulate, quantify and monitor risks according to risk appetite.
* Build and maintain strong senior stakeholder relationships within technology and the business to understand security risk and drive robust risk-based decision making.
* Effectively articulate technical issues to business units and engineering teams.
* Liaise with third-party strategic partners and providers who support Sainsbury’s.

What You Need To Know And Show

* At least 4 years proven experience demonstrating technical understanding of security to ensure systems are designed and built securely and to help continually improve our security posture
* Appreciation of containerisation technologies such as Docker, Kubernetes etc.
* Fundamental knowledge of logging, monitoring, load balancing/proxies and API gateways
* Fundamental knowledge of GitHub, Jenkins & Jira
* Basic knowledge of the OWASP Top 10, Mitre ATT&CK, NIST frameworks, PCI-DSS and Cyber Kill Chain
* Fundamental understanding of PAM, EDR, AV, IPS, SIEM, WAF and DLP technologies
* The ability to verify solutions and gain assurance that they are fit for purpose through demonstrable evidence of controls and testing
* Strong understanding of the changing threat landscape and how this may affect our systems
* The ability to challenge concerns and report through appropriate channels
* Self-drive, motivation and the ability to work independently to deliver expected outcomes
* In-depth understanding of data and security risks in a large enterprise
* Risk & Vulnerability Management experience and understanding of Risk & Vulnerability Management Frameworks
* Strong analytical and report writing skills.
* Experience with serverless cloud technologies such as AWS storage and Lambda functions.

Desirable Qualifications

You will have one (or more) of the following:

* CompTIA Security+, Network+, Linux+, Cloud+, Data+, DataSys+
* CSA CCSK / CCAK
* AWS Certified Security
* Microsoft Azure Security Engineer Associate
* (ISC)² CISSP / CCSP / SSCP
* ISACA CISA / CISM / CRISC / CGEIT
* MSc. Information/Cyber Security

As well as lots of on-the-job training and endless opportunities, you'll get:

* Colleague discount across our multi-brands - Sainsbury's, Argos, TU Clothing and Habitat
* Holiday allowance
* Bonus scheme
* Pension plan
* Special offers on gym memberships, restaurants, holidays, retail vouchers and more

Work-life balance is important to us, so we offer our colleagues as much flexibility as possible in line with the needs of their role. We trust them to decide how, where and when they work, combining remote and collaborative working with a flexible approach to hours, giving them plenty of time and space for life outside of work whilst delivering against our business goals.


Seniority level

* Seniority level

Mid-Senior level


Employment type

* Employment type

Full-time


Job function

* Job function

Information Technology
* Industries

Software Development

Referrals increase your chances of interviewing at hackajob by 2x

Get notified about new Information Security Analyst jobs in London, England, United Kingdom.

London, England, United Kingdom 2 weeks ago


Senior Information Security Engineer: £170,000 + Bonus (Elite Fintech)

Greater London, England, United Kingdom 1 day ago

London, England, United Kingdom 6 days ago

London, England, United Kingdom 3 weeks ago

London, England, United Kingdom 5 days ago


Cloud Security Analyst (ICT_TECH TD_2025_36)

Reigate, England, United Kingdom 1 week ago


Cyber Security Manager - Tesco Mobile Ireland


Cyber Security Manager - Tesco Mobile Ireland

London, England, United Kingdom 1 week ago


Senior Director of Governance, Risk, Compliance & Privacy

London, England, United Kingdom 1 week ago

London, England, United Kingdom 2 days ago


Security Analyst, Security Operations and Incident Response

London, England, United Kingdom 1 week ago

London, England, United Kingdom 2 months ago

Greater London, England, United Kingdom 2 months ago

London, England, United Kingdom 5 days ago

London, England, United Kingdom 23 hours ago

London, England, United Kingdom 1 week ago

London, England, United Kingdom 2 weeks ago

London, England, United Kingdom 2 days ago

Uxbridge, England, United Kingdom 1 week ago


Graduate Cybersecurity Analyst (Visa Sponsorship Available)

London, England, United Kingdom 1 day ago

London, England, United Kingdom 1 week ago

City Of London, England, United Kingdom 3 days ago

London, England, United Kingdom 2 weeks ago

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

#J-18808-Ljbffr