Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Join our team to enhance cyber security through red teaming and threat-led testing.
- Company: Tesco is a leading retailer focused on serving customers and communities sustainably.
- Benefits: Enjoy flexible working, 25+ days holiday, private medical insurance, and an annual bonus scheme.
- Why this job: Be part of a dynamic team that values innovation and personal development in cyber security.
- Qualifications: Experience in red team engagements and familiarity with frameworks like MITRE ATT&CK required.
- Other info: We promote diversity and inclusion, welcoming conversations about flexible working arrangements.
The predicted salary is between 48000 - 72000 £ per year.
We are passionate about step changing our cyber security capability to better protect customers and colleagues across our global business. As part of this, we’re growing our security testing function to complement and help further mature our defensive security capabilities.
This new role is the ideal opportunity for a red teamer who would like to embrace the challenge of helping us build a red team capability to complement our team of penetration testers. As we broaden our security testing to become more threat-led, we want to ensure we regularly test ourselves against the potential threats we might face.
You will have the opportunity to help support and develop a mature blue team capability even further. You will also support and collaborate with application and infrastructure teams to help address any underlying issues that you find along the way.
We believe that skilled and hard-working people are our greatest asset in reducing cyber risk to our business and customers. We encourage and support continual development and recognise the importance of keeping up with the latest technology and an evolving threat landscape.
At Tesco, we believe in the power of spending more time together, face to face, than apart. So, during your working week, you can expect to spend 60% of your time in one of our office locations or local sites and the rest remotely. We also recognise that life looks a little different for each of us. Some people are at the start of their careers, some want the freedom to do the things they love. Others are going through life-changing moments like becoming a carer, nearing retirement, adapting to parenthood, or something else. That’s why at Tesco, we always welcome a conversation about flexible working. So, please talk to the Hiring Manager about how they can support you.
You will be responsible for:
- You’ll be working in an offensively trained and defensively focused security team. Your primary responsibility will be to help us further mature our security testing team to include a threat-led testing capability.
- You’ll be working in a team of other testers and, unlike in a typical consultancy role, you’ll also have the advantage of being able to use internal knowledge, data sources, and tools to help identify attack vectors and test your hypotheses.
- Supporting our wider security capability by providing a red teamers perspective to pentesting, security detection and prevention engineering.
- Mentor and develop others in the team.
- Support the validation of findings from our bug bounty program.
- Triage and validate Tesco’s risk posture for newly released CVEs as part of vulnerability management.
- You will be given time and opportunities to carry out personal research and development as well as put yourself through certifications supported by us to ensure you remain at the leading edge of offensive security.
You will need:
- Experience of leading or performing red team engagements in a corporate environment, exposing weaknesses in security that potentially could be exploited.
- Familiarity with established frameworks such as TIBER-EU or MITRE ATT&CK.
- Experience of at least one C2 framework (for example Cobalt Strike, Mythic, Havoc).
- Experience of building or managing C2 infrastructure.
- CRTO or other industry relevant certifications are desired but not crucial.
- Knowledge of preventative and detective controls (EDR, firewalls, IDS, IPS, anti-virus, etc).
- Analytical and critical thinking skills, willingness to challenge the status quo.
- Good written and oral communication skills.
- To be comfortable working both independently and collaboratively in a diverse team.
Our vision at Tesco is to become every customer’s favourite way to shop, whether they are at home or out on the move. Our core purpose is ‘Serving our customers, communities and planet a little better every day’. Serving means more than a transactional relationship with our customers. It means acting as a responsible and sustainable business for all stakeholders, for the communities we are part of and for the planet.
Diversity, equity and inclusion (DE&I) at Tesco means that whoever you are and whatever your background, we always want you to feel represented and that you can be yourself at work. In short, we’re a place where Everyone’s Welcome. We’re proud to have been accredited Disability Confident Leader and we’re committed to providing a fully inclusive and accessible recruitment process.
We’re a big business and we can offer a range of diverse full-time & part-time working patterns across our many business areas, which means that we can find something that works for you. We work in a more blended pattern - combining office and remote working. Our offices will continue to be where we connect, collaborate and innovate.
Senior Red Teamer employer: Tesco
Contact Detail:
Tesco Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Senior Red Teamer
✨Tip Number 1
Familiarise yourself with the latest trends in offensive security and red teaming. Engage with online communities, attend webinars, or join forums where professionals discuss their experiences and share insights. This will not only enhance your knowledge but also help you network with potential colleagues.
✨Tip Number 2
Consider reaching out to current employees at Tesco through LinkedIn. Ask them about their experiences and any tips they might have for someone looking to join the red team. This can provide you with insider information and potentially give you a leg up during the interview process.
✨Tip Number 3
Prepare to discuss specific frameworks like TIBER-EU or MITRE ATT&CK during your interviews. Being able to articulate how you've applied these frameworks in past roles will demonstrate your expertise and understanding of the role's requirements.
✨Tip Number 4
Showcase your analytical and critical thinking skills by preparing examples of how you've challenged the status quo in previous positions. Be ready to discuss how you identified vulnerabilities and proposed solutions, as this aligns with Tesco's focus on maturing their security capabilities.
We think you need these skills to ace Senior Red Teamer
Some tips for your application 🫡
Tailor Your CV: Make sure your CV highlights relevant experience in red teaming and security testing. Use specific examples that demonstrate your skills in leading engagements and familiarity with frameworks like MITRE ATT&CK.
Craft a Compelling Cover Letter: In your cover letter, express your passion for cyber security and how you can contribute to Tesco's mission. Mention your analytical skills and willingness to challenge the status quo, as these are key attributes for the role.
Showcase Certifications: If you have any relevant certifications such as CRTO, be sure to mention them prominently. Even if they are not crucial, they can set you apart from other candidates.
Prepare for Technical Questions: Anticipate technical questions related to red teaming and security controls. Be ready to discuss your experience with C2 frameworks and how you've applied your knowledge in previous roles.
How to prepare for a job interview at Tesco
✨Understand the Role
Make sure you have a clear understanding of what a Senior Red Teamer does. Familiarise yourself with the responsibilities mentioned in the job description, such as threat-led testing and collaboration with blue teams. This will help you articulate how your skills align with their needs.
✨Showcase Your Experience
Prepare to discuss your previous experiences leading red team engagements. Be ready to provide specific examples of how you've identified vulnerabilities and contributed to security improvements in a corporate environment.
✨Familiarity with Frameworks
Brush up on established frameworks like TIBER-EU or MITRE ATT&CK. Being able to discuss these frameworks and how they apply to your work will demonstrate your expertise and understanding of the current threat landscape.
✨Communication Skills
Since good written and oral communication skills are essential for this role, practice explaining complex security concepts in simple terms. This will show that you can effectively communicate with both technical and non-technical stakeholders.
