The following content displays a map of the jobs location - Welwyn Garden City
Senior Security Engineer - Linux
What’s in it for you
We offer excellent benefits that help make Tesco a great place to work! These include but are not limited to:
- Annual bonus scheme
- Holiday starting at 25 days plus a personal day (and bank holidays)
- Great colleague discounts and deals, saving you money on everyday purchases, utility bills for the home and more
- Retirement savings plan – save between 4% and 7.5% and Tesco will match your contribution
- Buy as you earn and Save as you earn share schemes
- Opportunities to get on – take advantage of our ongoing learning opportunities and award-winning training to help you achieve the career you want
About the role
This role is for a hands-on security engineer focused on prevention and detection capability as well as system hardening and secure configuration on Linux endpoints.
This is across a large and diverse estate of technology assets, both on-prem and in public cloud, from servers to containers. The security engineer will need to collaborate with security, infrastructure, and wider teams across Tesco to reduce the attack surface, and develop new hardened systems and configuration. These should meet the needs of the business for usability as well as the appropriate level of threat prevention and detection capability.
You will be responsible for
Responsible for the design, development and implementation of threat prevention and detection capability, system hardening and secure configuration across the organisation. This includes analysis of existing endpoint security capability and system baselines, determining appropriate controls and benchmarks, and the creation of new and revisions to existing images and configuration. You will also be responsible for tracking the compliance of systems across Tesco through monitoring and auditing. Findings from this will need to be shared effectively with teams so the attack surface is minimised.
You will need
• Strong knowledge of Linux system internals
• Experience hardening technology systems
• Working knowledge of threat prevention and detection capability
• Knowledge of hardening & compliance frameworks or guidelines (e.g. NIST, CIS)
• Ability to work independently and collaboratively across cyber security, infrastructure, and software development teams
• A broad understanding of security concepts; an interest and passion for cyber security
Desirable Skills and Experience:
• Experience working with containers, cloud infrastructure, cloud security and APIs
• Working knowledge of at least one programming language, including scripting languages such as Python or Bash
• Experience automating deployments and IaC (e.g. through use of automation tools such as Ansible, Chef or Puppet)
• Experience developing and implementing attack surface reduction rules and application control rules
• Experience using the Cyber Kill Chain or Mitre ATT&CK Framework
Our vision at Tesco is to become every customer’s favourite way to shop, whether they are at home or out on the move. Our core purpose is “Serving our customers, communities and planet a little better every day”. Serving means more than a transactional relationship with our customers. It means acting as a responsible and sustainable business for all stakeholders, for the communities we are part of, and for the planet.
We are proud to have an inclusive culture at Tesco where everyone truly feels able to be themselves. At Tesco, we not only celebrate diversity, but recognise the value and opportunity it brings. We’re committed to creating a workplace where differences are valued, and make sure that all colleagues are given the same opportunities. We’re a big business with diverse working patterns and many business areas which means that we can find something that works for you. Everyone is welcome at Tesco.
We have recently announced that we are moving to a more blended working week – combining office and remote working. Our offices continue to be where we connect, collaborate and innovate. Talk to us about how this can work for you.
Note: Should you be successful in your application, your employment will be subject to and conditional upon you providing your bank account details on your agreed start date.