Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Build and enhance cyber threat intelligence to protect our security programme.
- Company: Join Tesco, a leader in retail with a commitment to inclusivity and sustainability.
- Benefits: Flexible working patterns, competitive salary, and a supportive work environment.
- Why this job: Make a real impact in cybersecurity while working with cutting-edge technology.
- Qualifications: 3-5+ years in cybersecurity with strong scripting and threat intelligence skills.
- Other info: Dynamic workplace with opportunities for growth and collaboration.
The predicted salary is between 43200 - 72000 £ per year.
To build and mature a cyber threat intelligence capability that serves as the predictive and proactive heart of our security programme. You will act as the technical authority for collecting, processing, and analysing intelligence, ensuring it enables a truly threat-informed defence. By converging intelligence tradecraft with engineering principles, you will drive the "Intelligence-to-Action" cycle and ruthlessly prioritise the efforts of our detection and response functions.
Intelligence-to-Action Engineering
- Operationalise the "Intelligence-to-Action Cycle," prioritising security engineering efforts based on business risk and validated threats.
- Define and manage intelligence requirements to guide collection and ensure resources focus on the most relevant risks.
- Design "Threat Intelligence-as-Code" workflows that automatically trigger hunting packages or detection stubs in our data platform when CTI outputs are available.
Maintenance of CTI Systems
- Implement, manage and optimise the Threat Intelligence Platform (TIP) and analytical tools to automate across the intelligence cycle.
- Drive technical initiatives to reduce technical debt and ensure tools scale to meet the organisation's evolving needs.
- Ensure seamless integration between CTI systems, SIEMs, SOAR, and endpoint detection platforms to correlate threats against internal telemetry and take suitable action.
Detection & Hunt Support
- Translate unstructured intelligence into actionable detection suggestions, collaborating with engineers to address coverage gaps for high-priority adversary behaviours.
- Support proactive threat hunting by defining process and systems which enable hypothesis-driven hunts based on adversary TTPs and specific business risks.
Automation & Force Multipliers
- Champion "Automation-First" principles, using scripting (Python, PowerShell) to automate repetitive data collection and enrichment tasks.
- Leverage AI and machine learning as "Force Multipliers" to summarise complex threat reports and accelerate code generation and deployment.
- Develop advanced workflows that integrate intelligence feeds directly into defensive controls for real-time blocking.
Strategic & Tactical Reporting
- Support the production of tiered intelligence products, from strategic executive briefings to operational reports on specific adversary campaigns.
- Disseminate machine-readable indicators (IOCs) to enable immediate detection and response actions.
Partnership & Sharing
- Act as the technical intelligence partner to Detection Engineering, Security Operations and Incident Response, ensuring a seamless flow of actionable data.
- Establish and mature intelligence-sharing partnerships with industry peers and intelligence-sharing communities to strengthen collective defence.
Experience & Qualifications
- Experience: 3-5+ years in cybersecurity, specifically in Security Engineering, Threat Intelligence, Security Operations (SOC), Incident Response.
- Tradecraft: Advanced understanding of frameworks relating to threat modelling, threat intelligence, threat hunting and detection engineering (ATT&CK, D3FEND, Kill Chain, Attack Flow, STRIDE, DREAD, etc).
- Technical Skills: Proficiency in scripting languages (e.g., Python, PowerShell) for analysis, automation, and workflow improvement.
- Tooling: Hands-on experience with Threat Intelligence Platforms (TIPs) (MISP, ThreatConnect, etc) and SIEM technologies (Splunk, Sentinel, etc).
- Communication: Strong ability to translate complex threat data into actionable insights for both technical and executive audiences.
Senior Security Engineer in Welwyn Garden City employer: Tesco UK
Contact Detail:
Tesco UK Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Senior Security Engineer in Welwyn Garden City
✨Tip Number 1
Network like a pro! Reach out to folks in the industry, attend meetups, and connect on LinkedIn. You never know who might have the inside scoop on job openings or can put in a good word for you.
✨Tip Number 2
Show off your skills! Create a portfolio or GitHub repository showcasing your projects, especially those related to threat intelligence and automation. This gives potential employers a taste of what you can do.
✨Tip Number 3
Prepare for interviews by practising common questions and scenarios specific to security engineering. Think about how you would operationalise the 'Intelligence-to-Action' cycle and be ready to discuss your approach.
✨Tip Number 4
Apply through our website! It’s the best way to ensure your application gets seen. Plus, we love seeing candidates who are genuinely interested in joining our team at Tesco.
We think you need these skills to ace Senior Security Engineer in Welwyn Garden City
Some tips for your application 🫡
Tailor Your Application: Make sure to customise your CV and cover letter to highlight your experience in cybersecurity, especially in areas like threat intelligence and security engineering. We want to see how your skills align with the role of Senior Security Engineer!
Showcase Your Technical Skills: Don’t forget to mention your proficiency in scripting languages like Python and PowerShell. We love seeing candidates who can automate tasks and improve workflows, so give us examples of how you've done this in the past.
Highlight Your Experience: With 3-5+ years in the field, make sure to detail your hands-on experience with Threat Intelligence Platforms and SIEM technologies. We’re looking for someone who can hit the ground running, so share specific projects or achievements!
Apply Through Our Website: We encourage you to apply directly through our website. It’s the best way for us to receive your application and ensures you’re considered for the role. Plus, it’s super easy to do!
How to prepare for a job interview at Tesco UK
✨Know Your Threat Intelligence
Make sure you brush up on your knowledge of threat intelligence frameworks like ATT&CK and D3FEND. Be ready to discuss how you've applied these in past roles, as this will show your technical authority and understanding of the field.
✨Showcase Your Automation Skills
Since automation is key in this role, prepare examples of how you've used scripting languages like Python or PowerShell to automate tasks. Highlight specific projects where your automation efforts led to improved efficiency or reduced technical debt.
✨Prepare for Scenario-Based Questions
Expect scenario-based questions that assess your problem-solving skills. Think about how you would operationalise the 'Intelligence-to-Action Cycle' and be ready to explain your thought process and decision-making in real-world situations.
✨Communicate Clearly and Confidently
You’ll need to translate complex threat data into actionable insights, so practice explaining technical concepts in simple terms. This will demonstrate your ability to communicate effectively with both technical teams and executive audiences.
