Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Lead and mentor a digital forensics team while managing cybersecurity incident responses.
- Company: Join Tesco, a leading retailer focused on serving customers and communities sustainably.
- Benefits: Enjoy flexible working, an annual bonus, private medical insurance, and generous leave policies.
- Why this job: Be part of a dynamic team driving innovation in cybersecurity and making a real impact.
- Qualifications: 2+ years managing technical teams with experience in digital forensics and incident response required.
- Other info: Embrace a culture of diversity, equity, and inclusion where everyone is welcome.
The predicted salary is between 43200 - 72000 £ per year.
About the role
Our Digital Forensics and Incident Response (DFIR) team leads the technical investigation and response to cybersecurity incidents for the Tesco Group. They collaborate closely with other cybersecurity teams, including Security Operations, Threat Intelligence, Automation, and Detection Engineering, to protect, detect, and respond to security threats across Tesco’s diverse and evolving estate. Beyond investigating security incidents, they use their expertise to work with other teams, driving innovation and improving our overall security capabilities.
We are seeking a leader to run and expand our specialist team, working in tandem with the Principal DFIR Security Engineer. This role involves guiding individual development and leading all aspects of project work to mature capabilities. Responsibilities also include broader initiatives that integrate efforts across various security teams and the wider Tesco Technology organisation.
During an incident, you will use your deep technical knowledge and extensive experience in incident response to guide the team through investigations. Your critical thinking skills will be valuable in contributing to incident analysis, while also delegating tasks and collaborating with other incident managers to maintain a comprehensive view of the situation.
At Tesco, we believe in the power of spending more time together, face to face, than apart. So, during your working week, you can expect to spend 60% of your time in one of our office locations or local sites and the rest remotely. We also recognise that life looks a little different for each of us. Some people are at the start of their careers, some want the freedom to do the things they love. Others are going through life-changing moments like becoming a carer, nearing retirement, adapting to parenthood, or something else. That’s why at Tesco, we always welcome a conversation about flexible working. So, talk to us throughout your application about how we can support.
You will be responsible for
- Lead and mentor the digital forensic team, growing both their technical and leadership skills.
- Lead the response in cyber security incidents ensuring a coordinated approach to ensure a comprehensive and efficient response.
- Develop, implement, and maintain policies and procedures for digital forensics investigations, ensuring they align with the latest legal and regulatory requirements.
- Ensure the proper collection, preservation, and analysis of digital evidence.
- Drive continued development of the team’s technical capabilities and consider how technologies such as automation and AI can improve their ways of working.
- Work collaboratively with teams across cyber security, technology and beyond.
- Lead DFIR specific projects, which includes planning, implementing, and monitoring of progress.
You will need
- 2+ years’ experience managing a team of technical specialists.
- Proven experience with digital forensics and incident response, including for security incidents in large-scale corporate environments across on premise and cloud.
- A strong, up to date understanding of the security threats facing large enterprises and the challenges these can present to incident response.
- Experience with forensic and file analysis across Windows, MacOS, and Unix operating systems.
- Experience with a broad range of enterprise security technologies including EDR, SOAR, and SIEM.
- Familiarity with at least one scripting language such as Python, PowerShell etc.
- Excellent written and verbal communication skills for reporting and teamwork.
- Ability to think critically and lead technical investigations.
- Ability to handle high pressure situations in a calm, productive, and professional manner.
- Completion of relevant training courses such as the SANS 500 Forensics, 508 DFIR, and 610 Malware Analysis courses and their accompanying certs or equivalent is desirable but not needed.
What’s in it for you
We’re all about the little helps. That’s why we make sure our Tesco colleague benefits package takes care of you – both in and out of work.
- Annual bonus scheme of up to 20% of base salary
- Holiday starting at 25 days plus a personal day (plus Bank holidays)
- Private medical insurance
- 26 weeks maternity and adoption leave (after 1 years’ service) at full pay, followed by 13 weeks of Statutory Maternity Pay or Statutory Adoption Pay, we also offer 4 weeks fully paid paternity leave
- Free 24/7 virtual GP service, Employee Assistance Programme (EAP) for you and your family, free access to a range of experts to support your mental wellbeing
About us
Our vision at Tesco is to become every customer’s favourite way to shop, whether they are at home or out on the move. Our core purpose is ‘Serving our customers, communities and planet a little better every day’. Serving means more than a transactional relationship with our customers. It means acting as a responsible and sustainable business for all stakeholders, for the communities we are part of and for the planet.
Diversity, equity and inclusion (DE&I) at Tesco means that whoever you are and whatever your background, we always want you to feel represented and that you can be yourself at work. In short, we’re a place where Everyone’s Welcome . We’re proud to have been accredited Disability Confident Leader and we’re committed to providing a fully inclusive and accessible recruitment process. For further information on the accessibility support we can offer, please click here .
We’re a big business and we can offer a range of diverse full-time & part-time working patterns across our many business areas, which means that we can find something that works for you. We work in a more blended pattern – combining office and remote working. Our offices will continue to be where we connect, collaborate and innovate.
#J-18808-Ljbffr
Security Engineering Manager - DFIR employer: Tesco Partners
Contact Detail:
Tesco Partners Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Security Engineering Manager - DFIR
✨Tip Number 1
Familiarize yourself with the latest trends and technologies in digital forensics and incident response. Being well-versed in tools like EDR, SOAR, and SIEM will not only boost your confidence but also demonstrate your commitment to staying current in this fast-evolving field.
✨Tip Number 2
Highlight your leadership experience in previous roles. Since this position involves mentoring a team, showcasing your ability to lead and develop others will set you apart from other candidates.
✨Tip Number 3
Prepare to discuss specific incidents you've managed in the past. Be ready to explain your thought process during high-pressure situations and how you coordinated responses with other teams, as this will be crucial in demonstrating your fit for the role.
✨Tip Number 4
Engage with the cybersecurity community through forums or local meetups. Networking can provide valuable insights into the industry and may even lead to referrals, increasing your chances of landing the job with us at Tesco.
We think you need these skills to ace Security Engineering Manager - DFIR
Some tips for your application 🫡
Understand the Role: Make sure to thoroughly read the job description for the Security Engineering Manager - DFIR position. Understand the responsibilities and required skills, and think about how your experience aligns with them.
Tailor Your CV: Customize your CV to highlight relevant experience in digital forensics and incident response. Emphasize your leadership skills and any specific technologies or methodologies you have worked with that are mentioned in the job description.
Craft a Compelling Cover Letter: Write a cover letter that not only outlines your qualifications but also demonstrates your passion for cybersecurity and your understanding of Tesco's mission. Mention how you can contribute to their DFIR team and improve their security capabilities.
Showcase Your Communication Skills: Since excellent written and verbal communication skills are essential for this role, ensure that your application materials are clear, concise, and free of errors. Consider including examples of how you've effectively communicated in high-pressure situations.
How to prepare for a job interview at Tesco Partners
✨Showcase Your Leadership Skills
As a Security Engineering Manager, you'll need to demonstrate your ability to lead and mentor a team. Prepare examples of how you've successfully guided teams in the past, focusing on both technical and leadership development.
✨Highlight Your Technical Expertise
Be ready to discuss your experience with digital forensics and incident response. Share specific incidents you've managed, the technologies you used, and how you approached problem-solving during high-pressure situations.
✨Understand Tesco's Culture
Familiarize yourself with Tesco's values and commitment to diversity, equity, and inclusion. Be prepared to discuss how you can contribute to a positive team environment and support flexible working arrangements.
✨Prepare for Scenario-Based Questions
Expect questions that assess your critical thinking and incident management skills. Practice articulating your thought process in handling cybersecurity incidents, including how you would coordinate with other teams and maintain a comprehensive view of the situation.
