Senior Security Analyst - Vulnerability Management
Tesco Technology are looking for a Senior Security Analyst reporting into the Vulnerability Management team. This is an exciting opportunity for a highly motivated security-focused individual to join our expanding organisation. The scale and complexity of Tesco creates a huge opportunity for someone to apply their existing skills while developing new ones and make a difference to the millions of customers we serve.
The role will involve being hands-on with a focus on the availability and reliability of our data and reporting whilst having the freedom to leverage your knowledge and real-world experience to work with other teams and help drive innovation across our prevention, detection, and remediation capabilities. Your job is to provide actionable insight into the security posture of our systems and platforms prioritising remediation activities for our engineering colleagues and system owners to remediate as well as assurance that effective security controls and guardrails are in place across our on-prem and public environments.
You will be responsible for:
1. Maintaining vulnerability scanning platforms to identify and analyse vulnerabilities.
2. Taking a risk-based approach to prioritise remediation efforts.
3. Working with engineering teams to remediate issues.
4. Building a range of reporting capabilities to inform our stakeholders on the status and progress of VM remediation efforts across engineering and up to leadership and C level.
5. Data correlation and identifying patterns and trends.
6. Reviewing submissions from our active Bug Bounty Programs.
7. Developing Guardrails and Standards to reduce exposure to vulnerabilities.
You will need:
1. A keen desire to cultivate a culture of collaboration, innovation and bringing industry standards to everything we do.
2. To be proactive and able to operate independently.
3. Comfort with ambiguity.
4. Resilience – taking ownership of seeing issues through to resolution whilst looking after yourself to be at your best.
5. A passion for technology and the ability to share that passion with others.
Experience relevant for this role:
1. 4+ Years of experience working in the IT Security Industry.
2. Experience with responding to security incidents in large scale corporate environments.
3. Experience with Vulnerability Scanning tools such as Qualys and Tenable.
4. Ability to categorise criticality as well as risk of a vulnerability.
5. Expertise in networking, web services, and application testing.
6. Expert knowledge of DNS preventative network controls.
7. Intelligence gathering and keeping up to date with current as well as evolving threats.
8. Reporting at various levels to communicate risk, compliance, and remediation activities.
9. Producing and maintaining evidence for audit and governance reporting.
What's in it for you:
We’re all about the little helps. That’s why we give our wonderful colleagues bags of benefits. Including wellbeing services, an award-winning pension scheme and much, much more, our colleague reward package keeps on giving. And helps make every day a little better for you and your family. These include but are not limited to:
1. Annual bonus scheme of up to 20% of base salary.
2. Holiday starting at 25 days plus a personal day (plus Bank holidays).
3. Buy holiday salary sacrifice scheme (for salaried roles).
4. Private medical insurance.
5. Retirement savings plan - save between 4% and 7.5% and Tesco will match your contribution.
6. Life Assurance - 5 x contractual pay.
7. 26 weeks maternity and adoption leave (after 1 years’ service) at full pay, followed by 13 weeks of Statutory Maternity Pay or Statutory Adoption Pay, we also offer 4 weeks fully paid paternity leave.
8. The right to request flexible working from your first day with us.
9. Free 24/7 virtual GP service, Employee Assistance Programme (EAP) for you and your family, free access to a range of experts to support your mental wellbeing.
10. A Colleague Clubcard for you & a family member (after 3 months of service), giving you access to lots of discounts in-store & online.
11. Great colleague deals and discounts, saving you money on everyday purchases, eating out, and utility bills for the home.
12. Access to our colleague networks providing a space for colleagues to come together from a range of backgrounds.
13. Opportunities to get on - take advantage of our ongoing learning opportunities and award-winning training, to help you achieve the job and career you want.
About us:
Our vision at Tesco is to become every customer's favourite way to shop, whether they are at home or out on the move. Our core purpose is 'Serving our customers, communities and planet a little better every day'. Serving means more than a transactional relationship with our customers. It means acting as a responsible and sustainable business for all stakeholders, for the communities we are part of and for the planet. We are proud to have an inclusive culture at Tesco where everyone truly feels able to be themselves. At Tesco, we not only celebrate diversity, but recognise the value and opportunity it brings. We're committed to creating a workplace where differences are valued, and make sure that all colleagues are given the same opportunities.
We're a big business with diverse working patterns and many business areas which means that we can find something that works for you. Everyone is welcome at Tesco. We have recently announced that we will be moving towards a more blended working week – combining office and remote working. Our offices will continue to be where we connect, collaborate and innovate. Please talk to us about how this can work for you.
NOTE: Should you be successful in your application, your offer will be subject to and conditional upon you providing your bank account details on your agreed start date. We're proud to have been accredited Disability Confident Leader and we're committed to providing a fully inclusive and accessible recruitment process. For further information on the accessibility support we can offer, please visit https://www.tesco-careers.com/accessibility.
#J-18808-Ljbffr