At a Glance
- Tasks: Join our team to ensure secure product development and protect client data.
- Company: Sainsbury's is a leading retailer committed to innovation and security.
- Benefits: Enjoy flexible working, discounts, bonuses, and extensive training opportunities.
- Why this job: Make an impact in cybersecurity while collaborating with diverse teams.
- Qualifications: 4+ years in security; knowledge of cloud services and security frameworks required.
- Other info: Remote work options available; commitment to diversity and inclusion.
The predicted salary is between 36000 - 60000 £ per year.
As an Information Security Analyst in the Data Governance and Information Security Team, you will work within the Product Assurance team, responsible for ensuring our Engineering and Development communities build and maintain secure products throughout their lifecycle. You will review our security posture and guide improvements aligned with the evolving threat landscape and business objectives.
What you need to do
- Work flexibly within Engineering Teams, maintaining governance and challenge
- Ensure security is integrated by design, protecting client and employee data
- Define and verify Security Non-Functional Requirements for projects
- Coordinate with the Security Testing Team for ethical hacking, code reviews, and scans
- Provide assurance of IT products across their lifecycle, granting approvals as needed
- Communicate risks clearly to technical and non-technical audiences
- Identify, assess, and manage risks related to Cloud and Data, aligning with risk appetite
- Build strong relationships with stakeholders to understand and address security risks
- Articulate technical issues effectively to business and engineering teams
- Collaborate with third-party partners supporting Sainsbury's
What you need to know and show
- Minimum 4 years of experience in security, ensuring secure system design and improvement
- Knowledge of container technologies like Docker and Kubernetes
- Understanding of logging, monitoring, load balancers, API gateways
- Experience with GitHub, Jenkins, Jira
- Basic knowledge of OWASP Top 10, MITRE ATT&CK, NIST, PCI-DSS, Cyber Kill Chain
- Understanding of PAM, EDR, AV, IPS, SIEM, WAF, DLP technologies
- Ability to verify solutions and demonstrate controls and testing
- Awareness of the threat landscape and its impact on systems
- Strong analytical, reporting, and communication skills
- Experience with serverless cloud services like AWS Lambda and storage
Desirable Qualifications
You will have one or more of the following certifications or qualifications:
- CompTIA Security+, Network+, Linux+, Cloud+, Data+, DataSys+
- CSA CCSK / CCAK
- AWS Security Certified
- Microsoft Azure Security Engineer Associate
- (ISC)² CISSP / CCSP / SSCP
- ISACA CISA / CISM / CRISC / CGEIT
- MSc. in Information/Cyber Security
Benefits
We offer extensive training and development, along with benefits including:
- Colleague discounts across our brands
- Holiday allowance and holiday purchase options
- Performance bonus scheme
- Pension plan
- Offers on gym memberships, dining, holidays, retail vouchers, and more
We promote work-life balance with flexible, remote, and collaborative working options.
We are committed to diversity and inclusion, supporting your development and recognizing your contributions.
Additional benefits include:
- Starting with 10% discount after 4 weeks, increasing to 15%
- Pensions and life cover
- Performance-related bonus potential
- Annual leave, with options to buy extra
- Season ticket loans, cycle schemes, health plans, and employee assistance programs
- Paid maternity, paternity, and adoption leave
For more details, visit www.sainsburys.jobs. Note that eligibility and length of service may apply.
Information Security Analyst - Product Assurance employer: Sainsburys
Contact Detail:
Sainsburys Recruiting Team
StudySmarter Expert Advice
We think this is how you could land Information Security Analyst - Product Assurance
Tip Number 1
Familiarise yourself with the specific security frameworks mentioned in the job description, such as OWASP Top 10 and NIST. Being able to discuss these frameworks in detail during your interview will demonstrate your knowledge and commitment to information security.
Tip Number 2
Build a strong understanding of container technologies like Docker and Kubernetes, as well as serverless cloud services such as AWS Lambda. Having practical experience or projects to discuss can set you apart from other candidates.
Tip Number 3
Network with professionals in the field of information security, especially those who work with Sainsbury's or similar companies. Engaging with industry peers can provide insights into the company culture and expectations, which can be invaluable during your application process.
Tip Number 4
Prepare to articulate how you would communicate risks to both technical and non-technical audiences. This role requires strong communication skills, so having examples ready that showcase your ability to bridge the gap between different stakeholders will be beneficial.
Some tips for your application
Tailor Your CV: Make sure your CV highlights relevant experience in information security, particularly focusing on secure system design and improvement. Include specific examples of your work with container technologies like Docker and Kubernetes.
Craft a Strong Cover Letter: In your cover letter, express your understanding of the role and how your skills align with the responsibilities outlined in the job description. Mention your experience with security frameworks such as OWASP Top 10 and NIST.
Showcase Relevant Certifications: If you have any of the desired qualifications or certifications, such as CompTIA Security+ or AWS Security Certified, make sure to list them prominently in your application. This will demonstrate your commitment to the field.
Prepare for Technical Questions: Be ready to discuss your technical knowledge during the interview process. Brush up on topics like ethical hacking, risk management, and cloud services, as these are crucial for the role.
How to prepare for a job interview at Sainsburys
Understand the Role
Make sure you have a solid grasp of what an Information Security Analyst does, especially in the context of product assurance. Familiarise yourself with the key responsibilities mentioned in the job description, such as ensuring security is integrated by design and communicating risks to various audiences.
Showcase Relevant Experience
Prepare to discuss your past experiences that align with the requirements of the role. Highlight your experience with container technologies like Docker and Kubernetes, as well as your familiarity with security frameworks such as OWASP Top 10 and NIST.
Demonstrate Communication Skills
Since the role involves articulating technical issues to both technical and non-technical stakeholders, practice explaining complex security concepts in simple terms. This will show your ability to bridge the gap between engineering teams and business needs.
Prepare for Scenario-Based Questions
Expect questions that assess your problem-solving skills in real-world scenarios. Be ready to discuss how you would handle specific security challenges, such as managing risks related to cloud services or coordinating with third-party partners.