Overview
Our Security Operations Centre (SOC) is at the forefront of protecting Tesco’s technology estate. We lead real‑time threat monitoring, incident response, and proactive threat hunting across the Tesco Group. We collaborate with Digital Forensics & Incident Response, Threat Intelligence, Automation, and Detection Engineering teams to ensure rapid detection, analysis and mitigation of security threats. Beyond investigating incidents we work with other teams to drive continuous service improvements and enhance our overall security capabilities.
Responsibilities
* Follow our Business Code of Conduct and act with integrity and due diligence.
* Proactively monitor and analyse security events using SIEM/XDR platforms and other security tools to identify and respond to potential threats across various environments.
* Evaluate and handle alerts, applying technical expertise to analyse risk, gauge incident severity, and promptly initiate necessary actions for resolution.
* Respond to security incidents focusing on thorough investigation, containment, remediation, and post‑incident analysis to prevent future occurrences.
* Conduct proactive threat hunting across the environment to detect unknown threats and enhance early detection capabilities.
* Maintain situational awareness of the current operational and threat landscape by staying informed of new attacker techniques, vulnerabilities and trends.
* Help build and implement security measures, standards and playbooks to ensure compliance with industry standards.
* Support the continuous improvement of SOC processes, detection and automation use‑cases to enhance operational efficiency and effectiveness.
* Collaborate with Incident Managers, the Cyber Threat Intelligence team and other partners to ensure a unified response and situational awareness across the organisation.
Qualifications
* 3+ years of experience in successful SOC analyst positions, preferably within an internal SOC environment.
* Proficient in technical analysis, investigations and handling security incidents in large‑scale, fast‑paced corporate environments, both on‑premises and in the cloud.
* Proficient in security monitoring tools and technologies.
* In‑depth knowledge of operating systems and networking concepts (e.g., TCP/IP, DNS).
* Experience with enterprise security technologies including XDR, SOAR, and SIEM.
* Familiarity with cloud platforms and their security features.
* Understanding of incident response frameworks (e.g., NIST, MITRE ATT&CK).
* Strong analytical and problem‑solving skills for identifying and responding to security incidents.
* Ability to work effectively in a team and communicate clearly with both technical and non‑technical partners.
* Experience with scripting languages such as Python or PowerShell for automating tasks.
* Excellent written and verbal skills for documenting incidents and communicating with partners.
* Critical thinking for making informed decisions during incidents.
* Ability to handle high‑stress situations with composure, efficiency and integrity.
* Relevant certifications (e.g., CompTIA Security+, CSA+) are a plus. Certifications or equivalents are desirable but not a requirement.
* Desirable: completion of relevant training courses such as SEC450 (Blue Team Fundamentals), SEC511 (Continuous Monitoring and Security Operations), SEC530 (Defensible Security Architecture and Engineering) and SEC555 (SIEM with Tactical Analytics).
* Commitment to staying updated with the latest security trends and threats to ensure effective performance in the role.
Benefits
* Annual bonus scheme of up to 20% of base salary.
* Holiday starting at 25 days plus a personal day (plus Bank holidays).
* Private medical insurance.
* 26 weeks maternity and adoption leave (after 1 year’s service) at full pay, followed by 13 weeks of Statutory Maternity Pay or Statutory Adoption Pay, and 6 weeks fully paid paternity leave.
* Free 24/7 virtual GP service, Employee Assistance Programme (EAP) for you and your family, and free access to a range of experts to support your mental wellbeing.
About Us
Our vision at Tesco is to become every customer’s favourite way to shop, whether they are at home or on the move. Our core purpose is ‘Serving our customers, communities and planet a little better every day’. We are proud to have an inclusive culture where everyone can be themselves and where difference is valued. Tesco is committed to creating a fully inclusive and accessible recruitment process and offers a range of full‑time and part‑time working patterns across many business areas.
#J-18808-Ljbffr