Security Testing Co-ordinator

London Store Support Centre and Home, Sainsbury's Supermarkets Ltd 33 Charterhouse Street, London Greater London, EC1M 6HA

We’d all like amazing work to do, and real work‑life balance. That’s waiting for you at Sainsbury’s. Think about the scale it takes for us to feed the nation. The level of data, transactions and variety it involves. Then you’ll realise that ours is a modern software engineering environment because it has to be. We’ve made serious investment into a Tech Academy and into setting standards and principles. We iterate, learn, experiment and push ways of working such as Agile, Scrum and XP. So you can look forward to awesome opportunities in everything from AI to reusable tech.

About the Team

Our Data Governance & Information Security team is at the heart of protecting the organisation’s systems, data, and people. We work across all areas of the business to identify risks, strengthen defences, and ensure compliance with industry standards and regulations. We value accountability, curiosity, and continuous improvement, and we’re passionate about building a culture where security is second nature. Joining us means being part of a team that tackles evolving threats, drives awareness, and helps the organisation remain resilient and trusted.

What you need to do

We’re seeking a Security testing co‑ordinator that can co‑ordinate, deliver and continuously improve a critical function to strengthen our Information Security team. The role also schedules activities in alignment with project requirements. Responsibilities include arranging test execution to support technology release priorities and change initiatives, distributing detailed reports of findings, and assisting with the assignment and tracking of remediation actions. These engagements involve close collaborations with both internal teams and external service providers, engaging with management and stakeholders to provide strategic insights, and collaborating with specialised groups such as the SOC, internal red and purple teams to ensure comprehensive security coverage.

Key responsibilities include:

• Assist with the full penetration testing lifecycle, including technology releases, BAU schedules, PCI compliance, and ad hoc assessments.
• Ensure all activities align with enterprise security strategy, regulatory obligations, and organisational risk appetite.
• Review and prioritise testing scope based on risk assessment provided.
• Integrate security validation into project timelines to minimise exposure during technology deployments and critical change initiatives.
• Deliver actionable vulnerability reports, maintain visibility of organisational risk posture, and ensure timely remediation tracking to reduce exposure and strengthen security maturity.
• Maintain a centralised vulnerability management database with accurate asset information.
• Ensure data integrity to support informed decision‑making and compliance reporting.
• Drive process optimisation and service enhancements using KPIs, lessons learned, and industry best practices.
• Foster continuous improvement to enhance testing efficiency and organisational security posture.
• Engage with SOC, red/purple teams, and external partners to ensure comprehensive threat coverage.
• Align testing activities with threat intelligence and enterprise risk management objectives.

Essential Criteria

• Demonstrated experience in coordinating penetration testing activities across complex technology environments, including BAU, regulatory, and project‑based initiatives.
• Strong understanding of vulnerability management principles and penetration testing methodologies.
• Proven ability to manage multiple priorities and deadlines, ensuring alignment with organisational risk appetite and compliance requirements.
• Excellent stakeholder engagement skills, with experience collaborating across internal teams (e.g., SOC, red/purple teams) and external service providers.
• Competence in maintaining accurate records and reporting, including centralised vulnerability databases and remediation tracking.
• Ability to drive process improvements and implement best practices to enhance testing efficiency and security posture.
• Familiarity with relevant regulatory frameworks and standards (e.g., PCI DSS, ISO 27001, NIST).
• Strong organisational and communication skills, with attention to detail and a proactive approach to problem‑solving.
• Familiarity of working with Jira.

Advantageous

• Ability to interpret and communicate technical findings to non‑technical stakeholders.
• The role could suit someone who has an IT project or delivery management background and is intent on moving into Cyber Security.
• Implementing or editing Jira spaces to organise work, develop dashboards and improve workflows.

In return you’ll get:

• Colleague discount across the multi‑brands – Sainsbury’s, Argos and Habitat.
• Holiday allowance.
• Bonus scheme.
• Pension plan.
• Special offers on gym memberships, restaurants, holidays, retail vouchers and more.

Flexible working and job share conversations are encouraged. Across our multi‑brands, we’re proud to be an equal opportunities employer that champions a diverse and inclusive culture. If you’re reading this, even if you’re not 100% sure you’re there with your experience, we’d still love to hear from you. We are committed to being a truly inclusive retailer so you’ll be welcomed whatever you are and wherever you work. Around here, there’s always the chance to try something new – whether that’s as part of an evolving team or somewhere else across the business – and we take development seriously and promise to support you. We also recognise and celebrate colleagues when they go the extra mile and, where possible, offer flexible working. We also offer an employee assistance programme and extend maternity, adoption, and paternity leave benefits in line with UK statutory requirements.