Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Lead the development and improvement of Tesco's cyber security detection capabilities.
- Company: Join Tesco, a leading retailer committed to serving customers and communities sustainably.
- Benefits: Enjoy flexible working, annual bonuses, private medical insurance, and generous leave policies.
- Why this job: Be part of a dynamic team tackling real-world cyber threats in an inclusive environment.
- Qualifications: Strong skills in security engineering, threat detection, and familiarity with various operating systems required.
- Other info: Opportunities for professional growth and a commitment to diversity and inclusion.
The predicted salary is between 36000 - 60000 £ per year.
Security Engineer (Detection Engineering)
About the role
As a Cyber Security Detection Engineer, you will lead the development, implementation, and continuous improvement of Tesco’s cyber security detection capability. You will be required to understand the changing threat landscape, see opportunities for improvement in existing detections, establish new detections, and ensure appropriate detection coverage for the organisation. You will work closely with multiple teams, including security operations, engineering, and risk & compliance, in a fast paced and agile environment.
At Tesco, we believe in the power of spending more time together, face to face, than apart. So, during your working week, you can expect to spend 60% of your time in one of our office locations or local sites and the rest remotely. We also recognise that life looks a little different for each of us. Some people are at the start of their careers, some want the freedom to do the things they love. Others are going through life-changing moments like becoming a carer, nearing retirement, adapting to parenthood, or something else. That’s why at Tesco, we always welcome a conversation about flexible working. So, talk to us throughout your application about how we can support.
You will be responsible for
Responsible for developing and driving the cyber security detection capability both day-to-day and strategically for the Tesco Group. You are expected to seek out effective and comprehensive detection logic and capability, ensuring detections are robust and not brittle, thoroughly tested, and that alerts and supporting information is available to and understood by operational cyber security teams. You are expected to put the needs of operational teams and incident responders at the centre of your development work, ensuring detections and alerts are relevant, of value, and have practical response steps. You will need to ensure detection capability is fit for both on-premises, private and public cloud environments, working at significant scale, and across a diverse range of asset types. In addition, you may provide support during cyber security incidents, participate in threat hunts, and work with other security teams to deliver automation and standardisation to improve efficiency and response.
You will need
Security Engineering Skills
- Ability to assess and validate information from various sources on cyber and informational security threats to business.
- Ability to analyse and identify significance of processed intelligence to identify trends, threat actor TTPs and potential capabilities.
- Ability to break down and translate information into tangible actionable data.
Secure & Test-Driven Engineering
- Understanding of cyber security threat frameworks such as MITRE ATT&CK, Lockheed Martin Killchain etc.
- Ability to specify/implement processes to maintain required level of security for a component/product/system during its lifecycle.
- Proficient at detection development lifecycle covering all reasonable positive and negative test cases.
- Ability to conducts code reviews of existing content and processes to identify and enhance or mitigate security issues.
- Contribute to security evaluation of or testing of threat/vulnerabilities faced by systems.
- Applies recognised evaluation/testing methodologies, tools and techniques to signature development/reviews, suggesting new ones where appropriate.
Research
- Ability to quantify and define research goals to generate worthwhile relevant detection ideas for further testing and exploration.
- Ability to summarise findings or technical information to be disseminated with wider teams, factoring in business knowledge and summaries.
Key Skills and Experience
- An ability to develop queries and enable robust detection of threats.
- Working knowledge of Windows, macOS or Linux operating systems.
- Ability to work independently as well as part of a team.
- Understanding of modern attacker TTPs.
- Translate threat intelligence into actionable detection logic.
- Solid grasp of detection technologies.
- A broad understanding of security concepts; an interest and passion for cyber security.
- An analytical approach; ability in problem solving and comfortable working on production systems at scale.
- Query languages such as KQL or SPL.
- Experience developing and maintaining basic automation scripts (e.g., Bash, Python, Batch, PowerShell etc.).
Desirable Skills and Experience:
- Knowledge of cloud infrastructure, cloud security and cloud APIs a plus.
- Knowledge of attacker tools and evasion techniques within offensive engineering.
- Working knowledge of at least one major programming language, including scripting languages like Python and PowerShell.
- Experience of developing detections as code.
Desirable Certifications
- One or more from: CompTIA Security+, GIAC, CEH, SSCP. Where appropriate other industry relevant certifications will be considered.
What’s in it for you
We’re all about the little helps. That’s why we make sure our Tesco colleague benefits package takes care of you – both in and out of work.
- Annual bonus scheme of up to 20% of base salary.
- Holiday starting at 25 days plus a personal day (plus Bank holidays).
- Private medical insurance.
- 26 weeks maternity and adoption leave (after 1 years’ service) at full pay, followed by 13 weeks of Statutory Maternity Pay or Statutory Adoption Pay, we also offer 6 weeks fully paid paternity leave.
- Free 24/7 virtual GP service, Employee Assistance Programme (EAP) for you and your family, free access to a range of experts to support your mental wellbeing.
About us
Our vision at Tesco is to become every customer’s favourite way to shop, whether they are at home or out on the move. Our core purpose is ‘Serving our customers, communities and planet a little better every day’. Serving means more than a transactional relationship with our customers. It means acting as a responsible and sustainable business for all stakeholders, for the communities we are part of and for the planet.
Diversity, equity and inclusion (DE&I) at Tesco means that whoever you are and whatever your background, we always want you to feel represented and that you can be yourself at work. In short, we’re a place where Everyone’s Welcome . We’re proud to have been accredited Disability Confident Leader and we’re committed to providing a fully inclusive and accessible recruitment process. For further information on the accessibility support we can offer, please click here.
We’re a big business and we can offer a range of diverse full-time & part-time working patterns across our many business areas, which means that we can find something that works for you. We work in a more blended pattern – combining office and remote working. Our offices will continue to be where we connect, collaborate and innovate.
#J-18808-Ljbffr
Security Engineer (Detection Engineering) employer: ENGINEERINGUK
Contact Detail:
ENGINEERINGUK Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Security Engineer (Detection Engineering)
✨Tip Number 1
Familiarize yourself with the MITRE ATT&CK framework and other cyber security threat frameworks mentioned in the job description. Understanding these frameworks will help you demonstrate your knowledge of modern attacker TTPs during interviews.
✨Tip Number 2
Engage with the cyber security community by participating in forums or attending meetups. This can provide you with insights into current trends and challenges in detection engineering, which you can discuss in your conversations with us.
✨Tip Number 3
Showcase your experience with query languages like KQL or SPL by working on personal projects or contributing to open-source initiatives. This practical experience can set you apart and demonstrate your ability to develop robust detection logic.
✨Tip Number 4
Prepare to discuss how you've previously collaborated with cross-functional teams, such as security operations and engineering. Highlighting your teamwork skills will align well with our emphasis on collaboration in a fast-paced environment.
We think you need these skills to ace Security Engineer (Detection Engineering)
Some tips for your application 🫡
Understand the Role: Make sure you thoroughly understand the responsibilities and requirements of the Security Engineer (Detection Engineering) position. Tailor your application to highlight your relevant skills and experiences that align with Tesco's needs.
Highlight Relevant Skills: Emphasize your experience with detection technologies, query languages like KQL or SPL, and any programming or scripting skills you possess. Mention specific projects or achievements that demonstrate your ability to develop robust detection capabilities.
Showcase Your Passion for Cyber Security: In your cover letter or personal statement, express your enthusiasm for cyber security and your understanding of modern attacker TTPs. Share any relevant certifications or training that showcase your commitment to the field.
Tailor Your CV: Customize your CV to reflect the key skills and experiences mentioned in the job description. Use clear headings and bullet points to make it easy for the hiring team to see how you meet their criteria.
How to prepare for a job interview at ENGINEERINGUK
✨Understand the Threat Landscape
Make sure to familiarize yourself with the current cyber security threats and trends. Being able to discuss recent incidents or emerging threats will show your awareness and proactive approach in the field.
✨Demonstrate Your Technical Skills
Be prepared to showcase your knowledge of detection technologies and frameworks like MITRE ATT&CK. You might be asked to explain how you would develop detection logic or respond to specific threats, so practice articulating your thought process.
✨Highlight Collaboration Experience
Since the role involves working closely with various teams, share examples of how you've successfully collaborated in the past. Emphasize your ability to communicate effectively with both technical and non-technical stakeholders.
✨Showcase Your Problem-Solving Skills
Prepare to discuss specific challenges you've faced in previous roles and how you approached solving them. This could include developing automation scripts or enhancing existing detection capabilities, demonstrating your analytical mindset.
