Online since 1999 | 11,040 IT Jobs Live NOW
Security Engineer (Security Platforms)
Premium Job From Tesco
Recruiter: Tesco
Listed on: 1st August
Location: Welwyn Garden City
Salary/Rate: £45000 - £65000
Salary Notes: Competitive
Type: Permanent
Start Date:
Reference: tesco/TP/427273/228926_1533130082_expired
Contact Name: Vyshi Pereira

This job has now expired please search on the home page to find live IT Jobs.

Summary

About The Technology Security Team

The Tesco security team work collaboratively with our engineering teams to support security throughout the development lifecycle, as well as to build proactive monitoring and responses to security events. We are the eyes and ears of the organisation using the latest technologies to increase visibility and protection of our systems, services and data to reduce risk and impact to our customers, colleagues and business. We need to stay ahead of the latest threats, continuously improving our tooling, training and processes.

Package

We offer excellent benefits that help make Tesco a great place to work. These include but aren't limited to:
* An annual bonus scheme which you can achieve up to 3.5% of base salary
* Privilegecard (including a 2nd card for a family member) after 6 months service with 10% off most purchases at Tesco
* A retirement savings plan - 4%-7.5% contribution rate
* Life Assurance - 5 x contractual pay
* Buy As You Earn Scheme
* Save As You Earn Scheme
* Deals & Discounts through Tesco including Tesco Mobile & Tesco Bank
* Deals and Discounts through many other external businesses

Main Responsibilities

The Role - Security Engineer (Security Platforms)

Responsible for the platforms that help secure the organisation. This will include designing, implementing and operating enterprise security technology controls and platforms such as Data Loss Prevention (DLP), Endpoint Detection & Response, Anti-Virus (AV), Email Security Gateways and Cloud Access Service Brokers (CASB). With a focus on protecting and preventing threats, including malicious software and loss of sensitive and confidential data. This role includes managing and improving existing controls, researching new controls and techniques, and improving the overall security compliance through the use of automation, monitoring and alerting, integration with SIEM, and development of security standards, procedures, and playbooks.

Whilst specific responsibilities will be dependent upon the changing needs of the Tesco business, the following provides an overview of the role's key responsibilities and measures:
* Follow our Business Code of Conduct always acting with integrity and due diligence
* Represent the Technology Security team and assist other teams to investigate security incidents
* Work closely and collaboratively with security, infrastructure and engineering teams
* Collaborate closely with colleagues within the wider global Technology organisation and the business to establish effective and productive relationships
* Involvement in and leading of security incidents which occur on Tesco systems
* Drive improvements for use cases for the security operations team
* Drive adoption of new tools and techniques being able to understand their value and impact
* Keep technical skills up to date and keep track of new technologies, understanding how they might benefit the team
* Share knowledge with the wider security community
* Champion continuous improvement within the department

This role will best suit an individual who enjoys working as part of a team, is well organised, pragmatic and a lateral thinker with an inquisitive mind who is motivated to make change for the better and, most importantly, puts our customers first.

Ideal Candidate

Key Skills and Experience

You'll need to demonstrate experience of working with enterprise security platforms:
* A good understanding of information and cyber security principles and best practices
* A strong understanding of one or more of the following areas:
* E-mail security standards (including SPF, DKIM, DMARC and PKI)
* Data Loss Protection (DLP)
* Anti-Virus (AV)
* Endpoint Detection & Response (EDR)
* Cloud Access Service Broker (CASB)
* An understanding of Windows and Unix internals would be an advantage, but is not essential
* Experience of working with O365 Exchange Online Protection, Forcepoint, Mimecast or similar security products would be an advantage, but is not essential
* Experience of working with products such as Microsoft, Sophos and Symantec endpoint security would be an advantage, but is not essential
* Ability and willingness to pick up new products and platforms quickly, transferring skills and best practices when needed
* Flexibility to join an on call rota and work outside of normal business hours when occasionally required
* One or more of the following certifications:
* CompTIA Security+
* SANS GIAC
* SSCP
* CISSP
* Or equivalent security certification

Personal
* Flexibility, ability to plan and organise, responsiveness, creativity, self-starter
* Able to build solid working relationships with peers and senior leadership
* Ability to demonstrate strong written, verbal communication and presentation skills to all levels of seniority and disciplines within the organisation