TL;DR

Senior Cyber Security Partner (Cybersecurity): Collaborating with product and engineering teams to design and implement resilient solutions, protecting the business and customers from cyber threats, with an emphasis on the threat landscape and security roadmap. The role focuses on overseeing product security activities, from security requirements to mitigating supply-chain risks and infrastructure security.

Location: Welwyn Garden City

Salary: Annual bonus scheme of up to 20% of base salary

Company

Tesco's vision is to become every customer's favorite way to shop, whether they are at home or out on the move.

What you will do

  • Provide product and engineering teams with guidance on all security matters.
  • Engage engineering leadership on the security roadmap and oversee the security posture of what they build.
  • Co-own the security roadmap; discuss, prioritize, and co-develop remediation plans for the product areas.
  • Empower security champions to succeed and create a strong feedback loop for improvements.
  • Represent security in all product and architecture meet-ups and be part of critical decisions about security.
  • Oversee product security activities from security requirements and threat modeling to mitigating supply-chain risks and securing infrastructure.

Requirements

  • Experience across multiple sectors with diverse roles in engineering and security.
  • Demonstrable accomplishments in collaborating with leadership and management on security programs and initiatives.
  • Good knowledge of various security domains and solid experience in architecture practices and design patterns.
  • Experience in designing security and privacy controls with a sound understanding of standards and regulations.
  • Experience in threat modeling, applying the MITRE ATT&CK framework.
  • Good understanding of web applications, REST APIs, microservices, modern application frameworks, and mobile apps.
  • Proficient in applying industry standards such as OWASP ASVS, OWASP Top 10, and CIS controls and benchmarks.

Culture & Benefits

  • Holiday starting at 25 days plus a personal day (plus Bank holidays).
  • Private medical insurance.
  • 26 weeks maternity and adoption leave at full pay (after 1 year's service), followed by 13 weeks of statutory pay; we also offer 6 weeks of fully paid paternity leave.
  • Free 24/7 virtual GP service, Employee Assistance Programme (EAP) for you and your family, free access to a range of experts to support your mental wellbeing.
  • Work in a blended pattern, combining office and remote working.