Welwyn Garden City
About The Security & Capability Team
Our Security team is responsible for providing and maintaining tools used by Tesco in order to monitor and secure our systems, while also helping our colleagues globally.
We maintain global hybrid instances of our chosen tools for SIEM, Application Performance Monitoring, Log Monitoring, Backlog Management, Identity Access Management, Service Desk, self-help portals for colleagues and incident communications. In addition to the challenges delivering this capability brings, we're also the team responsible for the security operations centre and our security architecture, working across Tesco globally to secure our systems and data! Our Technology Risk & Compliance team works tirelessly to further develop a risk-aware culture and drive audit and regulatory improvements across the technology team in all Tesco countries.
The Tesco Security Architecture team is responsible for facilitating the secure delivery of Tesco's APIs, platforms and services. Our role is to make Information Security relevant, simple and transformational, and support our colleagues in achieving their goals in a secure manner.
We offer excellent benefits that help make Tesco a great place to work. These include but aren't limited to:
* An annual bonus scheme through which you can achieve up to 3.5% of base salary
* Colleague Clubcard (including a 2nd card for a family member) after 6 months' service with 10% off most purchases at Tesco
* Holiday starting at 25 days plus a personal day
* A retirement savings plan - 4%-7.5% contribution rate
* Life Assurance - 5 x contractual pay
* Buy As You Earn Scheme
* Save As You Earn Scheme
* Deals & Discounts through Tesco including Tesco Mobile & Tesco Bank
* Deals and Discounts through many other external businesses
Whilst you will be supported by a wider team, this role will be the SME on security architecture for the Tesco global business.
You'll provide technical expertise on matters pertaining to information security, as well as being an active member of the security architecture team helping to build strong relationships across the business, to enable a good understanding of changes in the pipeline and be in a position to influence ideas, initiatives and designs early on.
You'll manage the end-to-end formal security architecture processes, engaging external resources where necessary, removing or minimising delay to the business, and commissioning and tracking remedial work identified as being required. You'll also provide guidance on information security to other architects, developers and the wider Tesco business to enable informed decisions to be taken.
* Requires in-depth technical knowledge and experience; has developed specialised skills or is multi-skilled
* Applies best practices and knowledge of internal/external business challenges to improve products, processes or services
* Has developed depth and breadth of expertise in information security and architecture and moderately deep knowledge of other technical teams' remits
* Solves, and leads others to solve, unique and complex technical problems with a positive impact on the business
* Anticipates customer needs; assesses requirements and identifies new solutions
* Develops and ensures successful implementation of policies, processes and standards aimed at continuous improvement
* Provides full information, analysis and authoritative recommendation which is likely to be accepted by the decision makers
* Makes decisions guided by both internal policies and external industry guidelines in non-standard situations
* Develops business or technical rationale that impacts resource allocation, programme, or project support and direction
* Is accountable for technical contribution to project team
* Builds awareness of costs related to own work
Key Skills and Experience
This role would suit someone with an application security / development background with experience in Security Architecture, to include:
* Good knowledge of using a backlog management solution, e.g. JIRA
* In particular, we would like to target people with experience with OAuth 2.0, OpenID Connect, XACML and/or SCIM.
* Ability to demonstrate advanced understanding in the field of Information Security in terms of both concepts and technology
* Experience working with Cloud solutions, including securing Azure/AWS platforms
* Knowledge and experience of working with OWASP
* Experience of security governance and compliance (e.g. GDPR, PCI-DSS, ISO27001)
* Strong understanding of the penetration testing lifecycle (scope, conduct, analysis, client delivery)
* An excellent level of attention to detail and a strong sense of ownership
* Ability to articulate complex technical or sensitive issues to a wide audience is essential
* Ability to work both individually with minimal supervision and as part of larger teams on projects of varying complexity