Security Engineering Manager (Endpoint Security)
||Welwyn Garden City
This job has now expired please search on the home page to find live IT Jobs.
About the Security & Capability Team
Our team is responsible for providing and maintaining tools used by Tesco in order to monitor and secure our systems, while also helping our colleagues globally.
We maintain global hybrid instances of our chosen tools for SIEM, Application Performance Monitoring, Log Monitoring, Backlog Management, Identity Access Management, Service Desk, self-help portals for colleagues and incident communications. In addition to the challenges delivering this capability brings, we're also the team responsible for the security operations centre and our security architecture, working across Tesco globally to secure our systems and data! Our Technology Risk & Compliance team works tirelessly to further develop a risk aware culture and drive audit and regulatory improvements across the technology team in all Tesco countries.
We aim to provide colleagues with a great experience by providing world class tooling, processes and advice. We believe in solutions that are either self-service or invisible to the end user - that's not always easy to achieve, but it's what we strive for.
We offer excellent benefits that help make Tesco a great place to work. These include but aren't limited to:
* An annual bonus scheme which you can achieve up to 3.5% of base salary
* Privilegecard (including a 2nd card for a family member) after 6 months service with 10% off most purchases at Tesco
* A retirement savings plan - 4%-7.5% contribution rate
* Life Assurance - 5 x contractual pay
* Buy As You Earn Scheme
* Save As You Earn Scheme
* Deals & Discounts through Tesco including Tesco Mobile & Tesco Bank
* Deals and Discounts through many other external businesses
Our Technology Team is now seeking an Endpoint Security Engineering Manager to join the team!
The Endpoint Security Engineering Manager provides technical direction and advanced support for endpoint security products used across the organisation, responsible for the team and multiple tools and platforms that deliver key security capabilities.
This will include researching, engineering, implementing and operating enterprise endpoint security products, with key areas focusing on preventing malware and the loss of data.
This will involve managing and improving endpoint security compliance, through automation, monitoring and alerting, SIEM integration, development and implementation of standards, procedures, and guidelines covering different platforms and devices.
Other responsibilities will include:
* Follow our Business Code of Conduct always acting with integrity and due diligence
* Represent the Technology Security team and assist other teams to investigate security incidents
* Work closely and collaboratively with security, infrastructure and engineering teams
* Collaborate closely with colleagues within the wider global Technology organisation and the business to establish effective and productive relationships
* Involvement in and leading of security incidents which occur on Tesco systems
* Drive improvements for use cases for the security operations team
* Drive adoption of new tools and techniques being able to understand their value and impact
* Keep technical skills up to date and keep track of new technologies, understanding how they might benefit the team
* Share knowledge with the wider security community
* Champion continuous improvement within the department
This role will best suit an individual who enjoys working as part of a team, is well organised, pragmatic and a lateral thinker with an inquisitive mind who is motivated to make change for the better and, most importantly, puts our customers first.
Key Skills and Experience
You'll need to have demonstrated experience of working with enterprise endpoint security platforms:
* A strong understanding of information and cyber security principles and best practices
* A thorough and demonstrable understanding of endpoint security controls
* An understanding of Windows and Unix internals
* Experience of working with enterprise endpoint security platforms (AV / anti-malware, EDR, DLP)
* Experience of working with Microsoft, Sophos and Symantec endpoint security products would be an advantage, but is not essential
* Ability to pick up new products and platforms quickly, transferring skills and best practices when needed
* Experience leading and developing a team of engineers in a similar role
* Experience developing and maintaining working relationships with 3rd party solution and service providers
* Willing to join an on call rota and work outside of normal business hours when occasionally required
* One of the following certifications:
* CompTIA Security+
* SANS GIAC
* Flexibility, ability to plan and organise, responsiveness, creativity, self-starter
* Able to build solid working relationships with peers and senior leadership
* Ability to demonstrate strong written, verbal communication and presentation skills to all levels of seniority and disciplines within the organisation