We are committed to aligning with the digital advancements at Tesco and securing the new technologies that enable our business to have a superior focus on serving our customers, communities, and planet. The Application Security Solution Architecture team within the larger cyber security group at Tesco Technology has been established to define the security architecture patterns covering cloud-native services, deliver the security design artefacts, develop the security architecture standards, and lead the adoption of the architectural patterns into development projects across all directorates. A highly competent, committed, and passionate architect will strengthen the Application Security Architecture team as we build defensible application security architectures to protect our customers, partners, and colleagues.

Engage in Security Architecture and Design, including Threat Modelling, for strategic platforms and systems with modern software architectures and advanced tech stacks. Drive security architecture decisions and guide security implementation for critical strategic systems. Lead the adoption of Security and Privacy by Design principles with architects and development teams. Develop application security architecture patterns covering cloud-native services, security design artefacts, and architecture standards in alignment with Tesco's cyber security strategy, industry standards, and regulatory requirements. Perform threat modelling for strategic application systems, identify security design flaws and technology weaknesses, and define security design requirements to address cyber threats. Influence decision makers to improve application architecture patterns and strengthen security. Develop security standards for both front-end and back-end technologies and provide guidance on secure application and web service development.

Experience in developing application security architecture patterns and design principles. Proficiency in Apps/API solution-level threat modelling and deep-dive technical security assessments. Experience with Kubernetes, Docker containers, and preferably GitHub Actions (or other CI/CD frameworks). Knowledge of application security frameworks and securing front-end and back-end technologies. A strong understanding of inherent application design flaws and gaps in different architectures. Experience with modern SDLC methodologies and technologies. Familiarity with application attack tactics and techniques (MITRE Framework), security maturity models (OpenSAMM, BSIMM), security frameworks (NIST CSF), security standards (OWASP, SANS Top 25), and regulations (GDPR, PA-DSS).