Hackajob is a matching platform partnering with Tesco helping them to hire the best talent and build the future. To get the chance to get matched to this role and other similar roles, click on Apply to set up your free profile. Tesco Technology is a dynamic global team of over 3,000 experts across multiple countries. They are dedicated to developing innovative technology solutions that enhance customer experiences, cybersecurity, and business operations. At Tesco Technology, individuals with diverse skills and experiences collaborate to address global challenges, making a real impact on people and the planet. It's a place where your career thrives with abundant opportunities to shape Tesco's future. About the role As a Security Engineer III, you build and/or implement security tools and platforms that enhance their information security prevention, detection, and response capabilities. Your goal is to protect their customers, suppliers, colleagues, networks, systems, applications and information from cyber-attacks. You excel at improving security outcomes faster and at reduced cost for their businesses in teams with a mixed range of skills from hands-on through to architecture. You are the subject matter expert and lead initiatives that drive fast and consistent response through automation. In order to be successful, you will be aligned as the Security Partner for selected verticals under the engineering domain. About their Security Engineering team They are 15 and growing team that supports Tesco technology and software development teams across cloud and other cutting edge technologies at scale. They have a new role to lead security partnerships to drive and oversee security initiatives for an engineering domain. Tesco technology comprises of several domains and over 120 teams developing software who are responsible for their own security, so they act differently than a traditional security team. They're team of security partners, not security police. They go as far as calling themselves as Security Partners, not Security Architects or Consultants. Security Engineering team is part of Security & Capability group that offers the enterprise with various security solutions and capabilities. Their software engineering teams have tremendous freedom in their work and the corresponding responsibility to do the right thing for their customers. Instead of controlling their engineering teams with process and security gates, they enable them to innovate by providing security guidance to make right decisions for Tesco. The good news is that their engineering teams are (usually) willing partners in doing better security, more efficiently and earlier in the process. They want you to help them scale out and represent themselves for the wider engineering domain. Tesco has fully embraced devops and agile methodologies to develop their enterprise APIs, services and cloud capabilities. Their 100 delivery teams have loads of Docker, Kubernetes and microservices galore across Azure and AWS, so their security approach must work with elastic, here today, gone tomorrow infrastructure. Their security approaches should be eventdriven, real-time and effective. Weekly scans are so 2010. You will be responsible for · Build a good understanding of the aligned verticals, the technology architecture, the criteria and constraints, the security posture and technical debts. · Understand the threat landscape and take a risk-based approach on security. · Drive security initiatives such as developing security requirements, threat modelling, strengthening application security, vulnerability reduction, etc., across that product areas. · Review architecture and design for security problems, indulge in enabling software development teams to use security capabilities and tooling provided by Tesco. · Be ready to review critical code, build pipelines, deployment methods, etc and assist teams in doing better security overall. · Apply security and privacy principles in your daily job. · Facilitate risk remediation but also challenge decisions and status-quo. · Facilitate in assurance activities like penetration testing, purple testing, app assurance. · Build quarterly/monthly roadmaps for security activities and plan them with stakeholders. · Be an evangelist for security, take part in strengthening Tesco's internal policies and standards. You will need · Strong written and verbal communication skills. · Strong problem solving, analysis and computational skills. · Drive tactical vs. strategic decision making. · Be an advocate for change. · Work experience in customer-facing solutions, web technologies, payment systems, content delivery networks, REST APIs, micro services, modern application development. · Understand every-growing threat landscape and identify business risks. · Good understanding of public cloud services and various architecture patterns. · Good understanding of software, network and infrastructure security. · Deeper understanding of application security and DevSecOps (the shift-left culture) · General security principles, privacy principles, industry standards such as NIST, ISO27001, CIS, MITRE framework. · Preferred Azure or AWS cloud security certifications What’s in it for you Package Description They offer excellent benefits that help make Tesco a great place to work. These include but aren’t limited to: · An annual bonus scheme which you can achieve up to 20% of base salary · Colleague Clubcard (including a 2nd card for a family member) after 6 months service with 10% off most purchases at Tesco · Holiday starting at 25 days plus a personal day · A retirement savings plan - 4%-7.5% contribution rate · Life Assurance - 5 x contractual pay · Buy As You Earn Scheme · Save As You Earn Scheme · Deals & Discounts through Tesco including Tesco Mobile & Tesco Bank · Deals and Discounts through many other external businesses About them Their vision here at Tesco is to become every customer's favourite way to shop, whether they are at home, out shopping, on the move, anywhere in the world. They want their customers to be inspired and whatever they are looking for, they're finding bigger and better ways to provide it. Everything is underpinned by their continuous drive for the best tools and technology to deliver their vision. They're driving innovation and transforming their Technology to become the world’s leading retailer. They need people who share their ambition to deliver for their customers; Passionate and confident people willing to take the initiative and drive them forwards. In return they offer excitement, a great team, an excellent benefit package, and significant career development opportunities. Joining them means playing a part in defining; building and launching an ambitious roadmap of digital products that could affect the lives of millions of people over the years to come. If that sounds exciting then they'd love to hear from you.