Booker - Cyber Security Manager

What’s in it for you

At Booker Group we offer excellent benefits that help make our business a great place to work. These include but aren’t limited to:

• A great holiday package.
• Pension Scheme.
• Life Assurance Scheme.
• Save As You Earn Scheme.
• Give As You Earn Scheme.
• Free eye tests and subsidised eye care.
• A commitment to your career development.
• Discounted shopping in both Tesco and Booker stores.
• Deals & Discounts through Tesco including Tesco Mobile and Tesco Bank.
• Deals & Discounts through many other external businesses.
• Free on-site parking.

*Booker Group is part of Tesco plc, however is operated separately from the core Tesco business and as such the benefits offered will be different from those offered at Tesco*

About the role

Booker is undergoing a very exciting transition period where as a business we are improving the technology and systems throughout the Group.

There is a key focus on technology security within Booker and as such, we are looking to recruit a dedicated Cyber Security Manager. The role would work closely with the Booker IT team, peers in Tesco Technology and stakeholders across the wider business to ensure an appropriate information security plan is implemented alongside the other changes being delivered.

This is an excellent opportunity to be part of a business as they go through a significant amount of change.  Reporting into the Booker IT Director, you will be implementing the organisation’s information security plan and providing risk analyses, risk monitoring, incident registration, tools, training and evaluation with respect to information security. The role is also responsible for initiating and managing information security and awareness projects. The Cyber Security Manager is recognised as the information security expert by internal and external stakeholders. This is a hands-on role, able to drive plans forward and get involved in the detail whenever necessary.

You will be responsible for

Responsibilities include:

• Implement information security risk management, supporting both GDPR and PCI.
• Present risk-based security position and recommendations to management and executive teams.
• Drive the organisation’s information security improvement plans which includes incorporating Tesco Group security requirements for GDPR and PCI.
• Provide information security designs and solutions and drive the implementation of security-by-design and privacy-by-design in information systems.
• Provide expertise on information security to the group.
• Ensure adequate registration, analysis, resolution and reporting of privacy and information security incidents.
• Adapt information security activities and projects to other information security domains, including privacy protection and physical security.
• Implement appropriate Cyber Security Awareness programs for colleagues.
• Monitor and perform information security assessments, pen testing, reviews and audits.
• Provide technical oversight of all security tooling and infrastructure services in use across the group; make recommendations on configuration and implementation improvements.
• Own third party vendor management for security services.
• Provide information security support to the IT Booker team for all other vendors.
• Monitor and respond to emerging threat patterns, vulnerabilities and anomalies.
• Responsible for collaborating with the Tesco Group Security Architecture team to report appropriate operational issues that may be resolved at an architecture level.
• Responsible for collaborating with the Tesco Group Threat Intelligence and team to identify opportunities for security controls optimisation in line with threats affecting technology services.
• Responsible for collaborating with the Tesco Group Security Operations team to help ensure the entire Tesco Group are protected against emerging threats.

You will need

• Ability to develop and maintain relationships with various stakeholders, internal and external.
• Strong working knowledge of security management principles and practices, including vulnerability management, event management, application security, Identity management, incident response.
• Logical thinker with a strong analytical background.
• Previous hands on role in one of these domains, networks, sysadmin, software developer, security analyst.
• Security qualifications such as CISM, CISSP, CISA or equivalent are desirable.
• Security qualifications such as SANS Enterprise Defender (SEC501) or EC-Council Certified Ethical Hacker (CEH) are advantageous.

About us

Booker is the UK's leading food & drink wholesaler. We are privileged to serve independent retailers, caterers and small businesses, from locations across the country.

Booker Group comprises of Booker Wholesale, Makro, Booker Direct, Classic Drinks, Ritter Courivaud and Chef Direct.  Our customers include Premier, Family Shopper, Budgens and Londis retailers and we have one shared aim - improving choice, price and service for all our customers.

Our business is incredibly diverse, so it takes a wide range of skills to deliver the exceptional service our customers require.

Wherever you join us, you’ll be part of an organisation that will help your career to keep moving forward.  Booker Group is also part of Tesco plc, however is operated separately from the core Tesco business.