Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Collaborate with teams to enhance product security and mitigate cyber threats.
- Company: Join Tesco Technology, a leader in retail innovation and security.
- Benefits: Enjoy competitive salary, annual bonus, generous holiday, and private medical insurance.
- Why this job: Make a real impact on security while working with cutting-edge technology.
- Qualifications: Hands-on experience in product security and strong communication skills.
- Other info: Dynamic team environment with opportunities for growth and development.
The predicted salary is between 48000 - 72000 £ per year.
Cyber Security Partner – Product Security
The position will be based at our Tesco Technology offices in London. About the Security Partners team We are the trusted security advisors for Tesco Technology. Our purpose is to collaborate seamlessly with product and engineering stakeholders, leveraging our deep expertise in cyber security to design and implement robust, resilient solutions that protect our business and customers from cyber threats.
Overview
We are a dynamic and expanding global team of 15+ experts, serving as the strategic link between the wider security group and software engineering teams that develop cutting‑edge services at scale.
Responsibilities
- Develop in‑depth understanding of the product area and engage with key product and technical people to assess security and privacy controls.
- Engage teams in security roadmap discussions and continuously improve security posture.
- Demonstrate how weaknesses in design or code can be compromised and translate technical risks into business risks.
- Engage security champions, key developers and offer technical advisory to support completion of security initiatives and remediation of vulnerabilities or risks.
- Take part in key product and architecture decisions to embed security.
- Perform product security activities from early development of security requirements, architecture reviews, threat modelling, to strengthening application security and mitigating supply‑chain risks.
- Develop and propose security controls or compensating measures, continuously seeking tactical and strategic solutions.
- Lead teams on raising the bar on security by design and security by default.
- Assist adoption of new capabilities to enhance security across people, process and tools.
- Be ready to code and, if possible, raise a pull request to resolve a security issue.
- Participate in assurance activities such as security testing, purple testing, audits and act as an advocate for good security.
Qualifications
- Hands‑on product security experience from developing requirements, reviewing architecture and applying design principles.
- Experience leading security initiatives and dev‑sec‑ops practices with product and engineering teams.
- Experience in threat modelling and designing security/privacy controls.
- Experience in application security, supply‑chain security and using tools such as SAST, DAST, SCA, and IAC.
- Proficiency applying industry standards like OWASP ASVS, OWASP Top 10, CIS controls and benchmarks.
- Good understanding of web application, REST APIs, microservices, eventing, modern frameworks and mobile apps.
- Experience with cloud‑native and hybrid architectures, containerised workloads and Kubernetes.
- Some development experience (Java, Go, Python, cloud) is a plus.
- Degree in computer science or equivalent experience.
- Experience with regulations such as GDPR, PCI‑DSS is desirable.
- Azure or AWS cloud security certifications desirable.
- Excellent communicator, listener and influencer.
Benefits
- Annual bonus scheme of up to 20% of base salary.
- Holiday starting at 25 days plus a personal day and bank holidays.
- Private medical insurance.
- 26 weeks maternity and adoption leave at full pay, followed by statutory pay options and 6 weeks fully paid paternity leave.
- Free 24/7 virtual GP service, Employee Assistance Programme and mental wellbeing support.
Seniority Level
Mid‑Senior level
Employment Type
Full‑time
Job Function
Engineering and Information Technology
Industries
Retail
#J-18808-Ljbffr
Cyber Security Partner - Product Security employer: Tesco
Contact Detail:
Tesco Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Cyber Security Partner - Product Security
✨Tip Number 1
Get to know the company inside out! Research Tesco's values, recent projects, and their approach to cyber security. This will help you tailor your conversations and show that you're genuinely interested in being part of the team.
✨Tip Number 2
Network like a pro! Connect with current employees on LinkedIn or attend industry events. Engaging with people already in the company can give you insider tips and might even lead to a referral!
✨Tip Number 3
Prepare for those tricky interview questions! Think about how you would handle specific security challenges or past experiences. Practising your responses will help you feel more confident and articulate during the interview.
✨Tip Number 4
Don’t forget to showcase your technical skills! If you’ve worked on relevant projects or have coding experience, be ready to discuss them. And remember, applying through our website gives you a direct line to us, so don’t hesitate!
We think you need these skills to ace Cyber Security Partner - Product Security
Some tips for your application 🫡
Know the Role Inside Out: Before you start writing, make sure you really understand what the Cyber Security Partner role entails. Dive into the job description and highlight key responsibilities and qualifications. This will help you tailor your application to show how you fit perfectly with what we're looking for.
Showcase Your Experience: When you're putting together your application, don't just list your past jobs. Instead, focus on specific experiences that relate to product security and cyber threats. Use examples that demonstrate your hands-on experience and how you've successfully led security initiatives in the past.
Be Clear and Concise: We love a well-structured application! Keep your writing clear and to the point. Avoid jargon unless it's relevant, and make sure your passion for cyber security shines through. A concise application is much easier for us to read and appreciate.
Apply Through Our Website: Finally, don’t forget to apply through our website! It’s the best way for us to receive your application and ensures it gets to the right people. Plus, it shows you’re serious about joining our team at Tesco Technology!
How to prepare for a job interview at Tesco
✨Know Your Stuff
Make sure you have a solid understanding of product security principles and the specific technologies mentioned in the job description. Brush up on your knowledge of OWASP, SAST, DAST, and cloud security practices. Being able to discuss these topics confidently will show that you're serious about the role.
✨Engage with Real Scenarios
Prepare to discuss real-world examples where you've successfully identified and mitigated security risks. Think about how you can translate technical risks into business impacts, as this is crucial for the role. Use the STAR method (Situation, Task, Action, Result) to structure your responses.
✨Show Your Collaborative Side
Since the role involves working closely with product and engineering teams, be ready to demonstrate your teamwork skills. Share experiences where you've collaborated with others to enhance security measures or led initiatives. Highlight your ability to influence and communicate effectively with diverse stakeholders.
✨Be Ready to Code
If you have coding experience, be prepared to showcase it! You might be asked to solve a security issue on the spot or discuss how you would approach a coding challenge related to security. Practising some common coding problems in languages like Java, Go, or Python could give you an edge.
