Security Engineering Manager - SIEM Detection Engineering

Job Reference tesco/TP/10683609/704050

This job has been closed.

Number of Positions: 1
Contract Type: Permanent
Salary: Competitive
Working Hours: 36
Location: Welwyn Garden City
Closing Date: 30/07/2023
Job Category: Security
Business Unit: GB Head Office

What’s in it for you

We offer excellent benefits that help make Tesco a great place to work!  These include but are not limited to:

  • Annual bonus scheme
  • Holiday starting at 25 days plus a personal day (and bank holidays)
  • Great colleague discounts and deals, saving you money on everyday purchases, utility bills for the home and more
  • Retirement savings plan – save between 4% and 7.5% and Tesco will match your contribution
  • Buy as you earn and Save as you earn share schemes
  • Opportunities to get on – take advantage of our ongoing learning opportunities and award-winning training to help you achieve the career you want

About the role

We are passionate about step changing our cyber security capability to better protect our customers and colleagues across our global businesses, and we’re looking to add great people to our growing team.

This new role challenges you and your team to use blue and red team approaches to identify and develop detective use cases.  Tesco has a very large technical landscape, running on everything from our own data centres, SaaS, PaaS, IaaS to multiple cloud providers, including our own developed private cloud.  Your role is to build and mature detective controls across all of this to spot bad.  You don’t do this on your own; working collaboratively with many of our teams is key to progressing detection maturity, efficiently and at scale across Tesco. Be prepared to be challenged: we regularly test our detections with collaborative purple teaming and red teaming, and don’t forget the real incidents.

We believe that skilled and passionate people are our greatest asset in reducing cyber risk to our business and customers. We encourage and support continual development and recognise the importance of keeping up with the latest technology and an evolving threat landscape.

Are you up for this challenge?

You will be responsible for

You’ll be leading an offensively minded and defensively focused security engineering team, accountable for maturing our SIEM detections.  As part of progressing detection maturity, you will interact with several security teams, the primary customer being the Security Operations Centre. You will be actively tuning and evolving the SOC’s technical capability. You will also be key to supporting the Vulnerability Management team, helping them integrate and mature our VM tooling.

As an engineering manager, you need both a leadership and technical focus.  You’ll lead the engineering team in agile practices whilst helping and supporting your team. On the technical side, you’ll be building and delivering the roadmap for SIEM maturity, as well as getting into the detail around development stories and contributing to the sprints yourself.

You will be given time and opportunities to develop yourself, both technically and in leadership, which includes putting yourself through leading certifications supported by us to ensure you are on the cutting edge of detective security.

You will need

  • A track record of developing detective controls in an enterprise environment
  • Knowledge of preventative and detective controls (e.g., Infrastructure, software, cloud, enterprise controls)
  • Experience of leading a technically focused team
  • Experience of software engineering with a security mindset
  • Experience of developing and maturing SIEM solutions
  • Understanding of agile and DevOps methodologies, delivering often and automating where possible
  • Exceptional analytical and critical thinking, willingness to challenge status quo
  • Excellent interpersonal skills
  • Advanced written and oral communications, self-motivator
  • GMON, OSCP, or other industry relevant certifications are desired but not crucial
  • Ability to work in a team as well as an independent worker, highly adaptive
  • Customer focus, developing relationships

About us

Our vision at Tesco is to become every customer’s favourite way to shop, whether they are at home or out on the move.  Our core purpose is “Serving our customers, communities and planet a little better every day”.  Serving means more than a transactional relationship with our customers.  It means acting as a responsible and sustainable business for all stakeholders, for the communities we are part of, and for the planet.

We are proud to have an inclusive culture at Tesco where everyone truly feels able to be themselves.  At Tesco, we not only celebrate diversity, but recognise the value and opportunity it brings.  We’re committed to creating a workplace where differences are valued, and make sure that all colleagues are given the same opportunities.  We’re a big business with diverse working patterns and many business areas which means that we can find something that works for you.  Everyone is welcome at Tesco.

We have recently announced that we are moving to a more blended working week – combining office and remote working.  Our offices continue to be where we connect, collaborate and innovate.  Talk to us about how this can work for you.

Note: Should you be successful in your application, your employment will be subject to and conditional upon you providing your bank account details on your agreed start date.