Security Engineer III - SIEM

What’s in it for you

We offer excellent benefits that help make Tesco a great place to work!  These include but are not limited to:

• Annual bonus scheme
• Holiday starting at 25 days plus a personal day (and bank holidays)
• Great colleague discounts and deals, saving you money on everyday purchases, utility bills for the home and more
• Retirement savings plan – save between 4% and 7.5% and Tesco will match your contribution
• Buy as you earn and Save as you earn share schemes
• Opportunities to get on – take advantage of our ongoing learning opportunities and award-winning training to help you achieve the career you want

About the role

About The Cyber Security Team

Our cyber security team are the eyes and ears of our organisation. We use the latest technologies to increase visibility and protection of systems, services and data. To do this we need to stay ahead of the latest threats and continuously improve our tooling, techniques, and processes.

Responsible for developing and running security processes day-to-day for the Tesco Group, we’re continually working to step change security capability to further enhance the protection and controls that we offer for our customers and colleagues across the UK, Europe and Asia, and we’re looking to add great people to our growing team.

We believe that skilled and passionate people are our greatest asset in reducing risk to our business and customers. We encourage and support continual development and learning and recognise the importance of keeping up with changes in technology and an evolving threat landscape.

Communication is key – working collaboratively with our software and systems engineering teams to support security throughout the development lifecycle, as well as to build proactive monitoring and responses to security events.

You will be responsible for

Main Responsibilities

The Role – Security Engineer

You will focus on improving the telemetry, processes and tools for Tesco’s SIEM system. This role requires proven experience with security telemetry, security intelligence, anomaly hunting and incident response.

The Engineer must leverage intuition, security knowledge and a broad of array of tools and advanced security techniques to help us uncover and stay alert to malicious activity.  Bilaterally, we’re building a threat hunting capability to feed back into our telemetry and processes. 

You will need

Ideal Candidate

Key Skills and Experience

• Experience performing technical analysis involving security event data and evaluating malicious activity.
• Knowledge of TCP/IP and related network protocols: knowledge of standard network protocols like TCP, ARP, ICMP, DHCP, DNS, HTTP, SNMP etc., and accompanying protocol/packet analysis/manipulation tools.
• Knowledge of information security protection/detection and authentication systems (firewalls, IDS, IPS, anti-virus, etc).
• Knowledge of commonly-accepted information security principles and practices, as well as techniques attackers would use to identify vulnerabilities, gain unauthorized access, escalate privileges and access restricted information.
• Knowledge of current operating environments (Microsoft, Linux, & OS X).
• Understanding and application of the following security tools: Development / Configuration experience with any industry leading SIEM platform.
• Experience of development using a programming language in a DevOps environment using agile techniques.
• Exceptional analytical and critical thinking, willingness to challenge status quo.
• Excellent interpersonal skills.
• Advanced written and oral communications, self-motivator.
• Team player and independent worker, highly adaptive.

Desirable Tools / Technologies:

• Splunk (including Enterprise Security, UBA and CIM)
• AWS
• Devops toolsets – Github, Jenkins, Jira etc.
• Python, Java

Academia: College degree or equivalent work experience.

Desirable Certifications:  SSCP, GSEC, GCIH, GCIA or other industry relevant certifications.

About us

Our vision at Tesco is to become every customer’s favourite way to shop, whether they are at home or out on the move.  Our core purpose is “Serving our customers, communities and planet a little better every day”.  Serving means more than a transactional relationship with our customers.  It means acting as a responsible and sustainable business for all stakeholders, for the communities we are part of, and for the planet.

We are proud to have an inclusive culture at Tesco where everyone truly feels able to be themselves.  At Tesco, we not only celebrate diversity, but recognise the value and opportunity it brings.  We’re committed to creating a workplace where differences are valued, and make sure that all colleagues are given the same opportunities.  We’re a big business with diverse working patterns and many business areas which means that we can find something that works for you.  Everyone is welcome at Tesco.

We have recently announced that we are moving to a more blended working week – combining office and remote working.  Our offices continue to be where we connect, collaborate and innovate.  Talk to us about how this can work for you.

Note: Should you be successful in your application, your employment will be subject to and conditional upon you providing your bank account details on your agreed start date.