
Cyber Risk and Assurance Manager

Job Reference tesco/TP/10683609/782727

This job has been closed.

Location: Welwyn Garden City
Business Unit: GB Head Office

What’s in it for you

We offer excellent benefits that help make Tesco a great place to work!  These include but are not limited to:

  • Annual bonus scheme
  • Holiday starting at 25 days plus a personal day (and bank holidays)
  • Great colleague discounts and deals, saving you money on everyday purchases, utility bills for the home and more
  • Retirement savings plan – save between 4% and 7.5% and Tesco will match your contribution
  • Buy as you earn and Save as you earn share schemes
  • Opportunities to get on – take advantage of our ongoing learning opportunities and award-winning training to help you achieve the career you want

About the role

This is a fantastic opportunity to join Tesco’s Cyber Assurance team, part of the wider Cyber Risk function. The Cyber Assurance team is our second line in Technology working with stakeholders to ensure the implementation of proportionate controls to mitigate Tesco’s cyber risk exposure.

You will be responsible for

• Lead, plan and conduct cyber risk assessments for the Group and its subsidiaries, providing recommendations where applicable

• Maintain the cyber risk register to ensure risks and mitigations remain relevant and up to date

• Monitor compliance with key controls and track status of next steps, reporting on progress to Technology senior management and key stakeholders

• Support the refinement of the cyber risk management and assurance framework

• Support Technology colleagues with queries relating to cyber risk management and control design/implementation

You will need

• IT audit/risk management experience, with examples of managing cyber risk and compliance within an organisation

• Experience of assessing security controls across a variety of technologies and products, recommending improvements where necessary

• Experience and knowledge across different security frameworks and standards such as ISO 27001, NIST, CIS

• Critical thinking with strong attention to detail and good organisational skills

• Strong written, verbal communication and presentation skills, working with all levels of seniority and disciplines within the organisation

• Able to build solid working relationships with peers as well as internal and external stakeholders

• At least one professional qualification such as CISA, CISM, CISSP or equivalent


About us

Our vision at Tesco is to become every customer’s favourite way to shop, whether they are at home or out on the move.  Our core purpose is “Serving our customers, communities and planet a little better every day”.  Serving means more than a transactional relationship with our customers.  It means acting as a responsible and sustainable business for all stakeholders, for the communities we are part of, and for the planet.

We are proud to have an inclusive culture at Tesco where everyone truly feels able to be themselves.  At Tesco, we not only celebrate diversity, but recognise the value and opportunity it brings.  We’re committed to creating a workplace where differences are valued, and make sure that all colleagues are given the same opportunities.  We’re a big business with diverse working patterns and many business areas which means that we can find something that works for you.  Everyone is welcome at Tesco.

We have recently announced that we are moving to a more blended working week – combining office and remote working.  Our offices continue to be where we connect, collaborate and innovate.  Talk to us about how this can work for you.

Note: Should you be successful in your application, your employment will be subject to and conditional upon you providing your bank account details on your agreed start date.