Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Lead the development of Tesco's cyber security detection capabilities and improve existing systems.
- Company: Join Tesco, a leading retailer committed to serving customers and communities sustainably.
- Benefits: Enjoy flexible working, an annual bonus, 25+ days holiday, and private medical insurance.
- Why this job: Be part of a dynamic team tackling real-world cyber threats in a supportive environment.
- Qualifications: Experience in security engineering, threat analysis, and familiarity with various operating systems required.
- Other info: Embrace a culture of inclusivity and innovation while working remotely and in-office.
The predicted salary is between 30000 - 50000 ÂŁ per year.
About the role
As a Cyber Security Detection Engineer, you will lead the development, implementation, and continuous improvement of Tesco’s cyber security detection capability. You will understand the changing threat landscape, identify opportunities for improvement in existing detections, establish new detections, and ensure appropriate detection coverage for the organisation. You will work closely with security operations, engineering, and risk & compliance in a fast paced and agile environment.
Responsibilities
- Develop and drive the cyber security detection capability day-to-day and strategically for the Tesco Group.
- Seek out effective and comprehensive detection logic and capability, ensuring detections are robust, thoroughly tested, and that alerts and supporting information are available to and understood by operational cyber security teams.
- Put the needs of operational teams and incident responders at the centre of development work, ensuring detections and alerts are relevant, of value, and have practical response steps.
- Ensure detection capability is fit for on‑premises, private and public cloud environments, and operate at scale across a diverse range of asset types.
- Provide support during cyber security incidents, participate in threat hunts, and collaborate with other security teams to deliver automation and standardisation to improve efficiency and response.
Requirements and qualifications
- Operational skills: Security Engineering Skills; Threat Led approach; ability to assess and validate information from multiple sources on cyber and informational security threats; analyse trends, threat actor TTPs and potential capabilities; translate information into tangible actionable data.
- Secure & Test-Driven Engineering: Understanding of cyber security threat frameworks (e.g., MITRE ATT&CK, Lockheed Martin Kill Chain); maintain security for components/systems throughout their lifecycle; proficient in detection development lifecycle with positive and negative test cases; conduct code reviews to enhance or mitigate security issues; contribute to security evaluation/testing of threats and vulnerabilities; apply evaluation/testing methodologies and tools to signature development/reviews.
- Research: ability to quantify research goals to generate worthwhile detection ideas; summarize findings for wider teams with business context.
- Experience relevant for this role: develop queries for robust threat detection; working knowledge of Windows, macOS, or Linux; ability to work independently and in a team; understanding of modern attacker TTPs; translate threat intelligence into actionable detection logic; solid grasp of detection technologies; strong analytical problem-solving skills; experience with query languages such as KQL or SPL; experience with automation scripts (e.g., Bash, Python, PowerShell).
- Desirable Skills and Experience: knowledge of cloud infrastructure/security and cloud APIs; knowledge of attacker tools and evasion techniques; experience with at least one major programming language and scripting languages; experience developing detections as code.
- Desirable Certifications: CompTIA Security+, GIAC, CEH, SSCP or other industry-relevant certifications where appropriate.
What’s in it for you?
We’re all about the little helps. Tesco’s colleague benefits package takes care of you both in and out of work. Click here to find out more.
About Us
Our vision at Tesco is to become every customer\’s favourite way to shop. Our core purpose is “Serving our customers, communities and planet a little better every day.” We are committed to an inclusive culture and to providing a fully inclusive and accessible recruitment process. We’re a big business offering diverse full-time and part-time patterns, with blended office and remote working. If applying internally, speak to the Hiring Manager about how this can work for you.
Seniority level
- Entry level
Employment type
- Full-time
Job function
- Information Technology
- Industries: Retail
Is this role expired or filled? The description does not indicate a current closing date; ensure to verify on the posting platform.
#J-18808-Ljbffr
Security Engineer II employer: Tesco Technology
Contact Detail:
Tesco Technology Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Security Engineer II
✨Tip Number 1
Familiarise yourself with the MITRE ATT&CK framework and other threat models mentioned in the job description. Being able to discuss these frameworks in detail during your interview will show that you understand the current threat landscape and can apply this knowledge practically.
✨Tip Number 2
Brush up on your skills in query languages like KQL or SPL, as well as scripting languages such as Python and PowerShell. Being able to demonstrate your ability to develop detection logic and automation scripts will set you apart from other candidates.
✨Tip Number 3
Network with professionals in the cyber security field, especially those who work in detection engineering. Engaging with industry peers can provide insights into the role and may even lead to referrals, increasing your chances of landing an interview.
✨Tip Number 4
Prepare to discuss real-world scenarios where you've successfully identified and mitigated security threats. Having concrete examples ready will help you illustrate your problem-solving skills and your ability to work under pressure, which are crucial for this role.
We think you need these skills to ace Security Engineer II
Some tips for your application 🫡
Tailor Your CV: Make sure your CV highlights relevant experience and skills that align with the Security Engineer II role. Focus on your knowledge of cyber security frameworks, detection technologies, and any programming languages you are proficient in.
Craft a Strong Cover Letter: In your cover letter, express your passion for cyber security and how your background makes you a great fit for Tesco Technology. Mention specific projects or experiences that demonstrate your ability to develop and implement detection capabilities.
Showcase Relevant Skills: Clearly outline your operational skills, such as your ability to assess cyber threats, conduct code reviews, and develop detection logic. Use examples from past roles to illustrate your expertise in these areas.
Research Tesco Technology: Familiarise yourself with Tesco's values and mission. Understanding their commitment to inclusivity and sustainability can help you tailor your application to reflect how you align with their corporate culture.
How to prepare for a job interview at Tesco Technology
✨Understand the Threat Landscape
Familiarise yourself with current cyber threats and trends. Be prepared to discuss how these threats impact Tesco and how your skills can help mitigate them.
✨Showcase Your Technical Skills
Be ready to demonstrate your knowledge of detection technologies and frameworks like MITRE ATT&CK. Prepare examples of how you've applied these in previous roles.
✨Emphasise Collaboration
Highlight your experience working with cross-functional teams. Discuss how you’ve collaborated with security operations, engineering, or compliance teams to enhance security measures.
✨Prepare for Scenario-Based Questions
Expect questions that assess your problem-solving abilities in real-world scenarios. Think of examples where you developed detection logic or responded to incidents effectively.
