Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Lead the development and improvement of Tesco's cyber security detection capabilities.
- Company: Join Tesco, a leading retailer committed to serving customers and communities sustainably.
- Benefits: Enjoy perks like an annual bonus, discounts, 25 days holiday, and flexible working options.
- Why this job: Be part of a dynamic team tackling real-world cyber threats in a supportive environment.
- Qualifications: Experience in security engineering, threat analysis, and familiarity with various operating systems required.
- Other info: Diversity and inclusion are core values; we welcome applicants from all backgrounds.
The predicted salary is between 43200 - 72000 £ per year.
As a Cyber Security Detection Engineer, you will lead the development, implementation, and continuous improvement of Tesco's cyber security detection capability. You will be required to understand the changing threat landscape, see opportunities for improvement in existing detections, establish new detections, and ensure appropriate detection coverage for the organisation. You will work closely with multiple teams, including security operations, engineering, and risk & compliance, in a fast paced and agile environment.
We offer excellent benefits that help make Tesco a great place to work. These include but aren't limited to:
- An annual bonus scheme which you can achieve up to 20% of base salary
- Colleague Clubcard (including a 2nd card for a family member) after 6 months service with 10% off most purchases at Tesco
- Holiday starting at 25 days plus a personal day
- A retirement savings plan - 4%-7.5% contribution rate
- Life Assurance - 5 x contractual pay
- Buy As You Earn Scheme
- Save As You Earn Scheme
- Deals & Discounts through Tesco including Tesco Mobile & Tesco Bank
- Deals and Discounts through many other external businesses
You will be responsible for developing and driving the cyber security detection capability both day-to-day and strategically for the Tesco Group. You are expected to seek out effective and comprehensive detection logic and capability, ensuring detections are robust and not brittle, thoroughly tested, and that alerts and supporting information is available to and understood by operational cyber security teams. You are expected to put the needs of operational teams and incident responders at the centre of your development work, ensuring detections and alerts are relevant, of value, and have practical response steps. You will need to ensure detection capability is fit for both on-premises, private and public cloud environments, working at significant scale, and across a diverse range of asset types. In addition, you may provide support during cyber security incidents, participate in threat hunts, and work with other security teams to deliver automation and standardisation to improve efficiency and response.
Security Engineering Skills
- Threat Led
- Ability to assess and validate information from various sources on cyber and informational security threats to business.
- Ability to analyse and identify significance of processed intelligence to identify trends, threat actor TTPs and potential capabilities.
- Ability to break down and translate information into tangible actionable data.
- Secure & Test-Driven Engineering
- Understanding of cyber security threat frameworks such as MITRE ATT&CK, Lockheed Martin Killchain etc.
- Ability to specify/implement processes to maintain required level of security for a component/product/system during its lifecycle.
- Proficient at detection development lifecycle covering all reasonable positive and negative test cases.
- Ability to conduct code reviews of existing content and processes to identify and enhance or mitigate security issues.
- Contribute to security evaluation of or testing of threat/vulnerabilities faced by systems.
- Applies recognised evaluation/testing methodologies, tools and techniques to signature development/reviews, suggesting new ones where appropriate.
- Research
- Ability to quantify and define research goals to generate worthwhile relevant detection ideas for further testing and exploration.
- Ability to summarise findings or technical information to be disseminated with wider teams, factoring in business knowledge and summaries.
Experience relevant for this job:
- An ability to develop queries and enable robust detection of threats.
- Working knowledge of Windows, macOS or Linux operating systems.
- Ability to work independently as well as part of a team.
- Understanding of modern attacker TTPs.
- Translate threat intelligence into actionable detection logic.
- Solid grasp of detection technologies.
- A broad understanding of security concepts; an interest and passion for cyber security.
- An analytical approach; ability in problem solving and comfortable working on production systems at scale.
- Query languages such as KQL or SPL.
- Experience developing and maintaining basic automation scripts (e.g., Bash, Python, Batch, PowerShell etc.).
Desirable Skills and Experience:
- Knowledge of cloud infrastructure, cloud security and cloud APIs a plus.
- Knowledge of attacker tools and evasion techniques within offensive engineering.
- Working knowledge of at least one major programming language, including scripting languages like Python and PowerShell.
- Experience of developing detections as code.
Desirable Certifications
- One or more from: CompTIA Security+, GIAC, CEH, SSCP. Where appropriate other industry relevant certifications will be considered.
Our vision at Tesco is to become every customer's favourite way to shop, whether they are at home or out on the move. Our core purpose is 'Serving our customers, communities and planet a little better every day'. Serving means more than a transactional relationship with our customers. It means acting as a responsible and sustainable business for all stakeholders, for the communities we are part of and for the planet. Diversity, equity and inclusion (DE&I) at Tesco means that whoever you are and whatever your background, we always want you to feel represented and that you can be yourself at work. In short, we're a place where Everyone's Welcome. We're proud to have been accredited Disability Confident Leader and we're committed to providing a fully inclusive and accessible recruitment process. We're a big business and we can offer a range of diverse full-time & part-time working patterns across our many business areas, which means that we can find something that works for you. We work in a more blended pattern - combining office and remote working. Our offices will continue to be where we connect, collaborate and innovate.
Contact Detail:
MyJobHelper Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Security Engineer Ii - Detection Engineering
✨Tip Number 1
Familiarise yourself with the MITRE ATT&CK framework and other cyber security threat frameworks. Understanding these will not only help you in interviews but also demonstrate your proactive approach to staying updated on industry standards.
✨Tip Number 2
Engage with online communities or forums focused on cyber security detection engineering. Networking with professionals in the field can provide insights into current trends and challenges, which you can discuss during your interview.
✨Tip Number 3
Showcase your practical skills by working on personal projects that involve developing detection logic or automation scripts. Having tangible examples to discuss can set you apart from other candidates.
✨Tip Number 4
Prepare to discuss how you've previously translated threat intelligence into actionable detection logic. Real-world examples of your problem-solving abilities will resonate well with the hiring team.
We think you need these skills to ace Security Engineer Ii - Detection Engineering
Some tips for your application 🫡
Tailor Your CV: Make sure your CV highlights relevant experience and skills that align with the job description. Focus on your security engineering skills, particularly in detection development and threat analysis.
Craft a Strong Cover Letter: In your cover letter, express your passion for cyber security and how your background makes you a great fit for Tesco. Mention specific experiences where you've developed detection capabilities or worked with threat intelligence.
Showcase Relevant Skills: Emphasise your knowledge of detection technologies, query languages like KQL or SPL, and any programming or scripting experience. Highlight your understanding of modern attacker TTPs and how you've applied this knowledge in previous roles.
Prepare for Technical Questions: Be ready to discuss your technical expertise during the interview process. Prepare examples of how you've implemented security measures, developed detection logic, or contributed to incident response in past positions.
How to prepare for a job interview at MyJobHelper
✨Understand the Threat Landscape
Familiarise yourself with current cyber threats and trends. Be prepared to discuss how you would assess and validate information from various sources, and how you can translate that into actionable detection logic.
✨Showcase Your Technical Skills
Be ready to demonstrate your knowledge of detection technologies and query languages like KQL or SPL. Highlight any experience you have with automation scripts in languages such as Python or PowerShell, as this will be crucial for the role.
✨Emphasise Team Collaboration
Since the role involves working closely with multiple teams, share examples of how you've successfully collaborated in the past. Discuss how you can put the needs of operational teams at the centre of your development work.
✨Prepare for Scenario-Based Questions
Expect questions that assess your problem-solving abilities in real-world scenarios. Think about how you would handle specific incidents or challenges related to cyber security detection, and be ready to articulate your thought process.
