At a Glance
- Tasks: Engage with product teams to enhance security and mitigate risks in innovative projects.
- Company: Join Tesco, a leading retailer committed to sustainability and inclusivity.
- Benefits: Enjoy competitive salary, annual bonus, 25+ days holiday, and private medical insurance.
- Other info: Flexible hybrid working model with excellent career growth opportunities.
- Why this job: Make a real impact on security while working with cutting-edge technology in a supportive environment.
- Qualifications: Hands-on experience in product security and knowledge of secure design principles required.
The predicted salary is between 60000 - 80000 € per year.
As a Security Partner, you will engage deeply within product areas and influence the way they deliver security. You will be supported by experts in the team. To achieve this, you are skilled in secure design principles, cloud security, secure development practices and patterns, application security, secure pipelines, open-source security and related areas. You are versatile and ready to learn anything that comes your way.
What is in it for you:
- Annual bonus scheme of up to 20% of base salary
- Holiday starting at 25 days plus a personal day (plus Bank holidays)
- Private medical insurance
- 26 weeks maternity and adoption leave (after 1 year's service) at full pay, followed by 13 weeks of Statutory Maternity Pay or Statutory Adoption Pay, with 6 weeks fully paid paternity leave
- Free 24/7 virtual GP service, Employee Assistance Programme (EAP) for you and your family, free access to a range of experts to support your mental wellbeing
Responsibilities:
- Develop an in-depth understanding of the product area and engage with key product and technical people to assess the security and privacy controls.
- Engage teams in security roadmap discussions and continuously improve the security posture of what they build.
- Demonstrate how weaknesses in design or code can be compromised and exploited. Translate technical risks into business risks and potential impact to Tesco.
- Engage security champions, key developers, and offer technical advisory to support completion of security initiatives, and remediation of vulnerabilities or risks.
- Take part in key product and architecture decisions to embed security.
- Perform product security activities, from the early development of security requirements, architecture reviews, and threat modelling, to strengthening application security, mitigating supply-chain risks, securing secrets, pipelines, reviewing vulnerabilities, and infrastructure security.
Qualifications:
- Hands-on product security experience from developing requirements, reviewing architecture, applying design principles, to application security, pipeline security, infrastructure, and secure monitoring.
- Experience in leading security initiatives, dev(sec)ops practices with product and engineering teams.
- Experience in threat modelling and designing security/privacy controls to mitigate risks.
- Experience in application security, supply chain security, and using tools such as SAST, DAST, SCA, and IaC.
- Experience in reviewing code to spot weaknesses and suggesting mitigations.
- Experience applying industry standards like OWASP ASVS (Application Security Verification Standard), OWASP Top 10, CIS controls and benchmarks.
- Good understanding of web applications, REST APIs, microservices, eventing, modern application frameworks, and mobile apps.
- Experience with cloud native and hybrid architectures with an emphasis on containerised workloads and Kubernetes.
About us:
Our vision at Tesco is to become every customer's favourite way to shop, whether they are at home or out on the move. Our core purpose is 'Serving our customers, communities and planet a little better every day'. Serving means more than a transactional relationship with our customers. It means acting as a responsible and sustainable business for all stakeholders, for the communities we are part of and for the planet.
Inclusive Culture:
We are proud to have an inclusive culture at Tesco where everyone truly feels able to be themselves. At Tesco, we not only celebrate diversity, but recognise the value and opportunity it brings. We're committed to creating a workplace where differences are valued, and make sure that all colleagues are given the same opportunities. We're proud to have been accredited Disability Confident Leader and we're committed to providing a fully inclusive and accessible recruitment process.
We're a big business and we can offer a range of diverse full-time & part-time working patterns across our many business areas, which means that we can find something that works for you. We work in a more blended pattern, combining office and remote working. Our offices will continue to be where we connect, collaborate and innovate. If you are applying internally, please speak to the Hiring Manager about how this can work for you. Everyone is welcome at Tesco.
Cyber Security Partner employer: WeAreTechWomen
At Tesco, we pride ourselves on being an exceptional employer, offering a supportive and inclusive work culture that values diversity and personal growth. As a Cyber Security Partner in Welwyn Garden City, you'll benefit from a comprehensive package including an annual bonus scheme, generous holiday allowance, and private medical insurance, all while working in a hybrid environment that promotes collaboration and innovation. Join us to make a meaningful impact in securing our products and enjoy the opportunity to develop your skills alongside industry experts.
StudySmarter Expert Advice🤫
We think this is how you could land Cyber Security Partner
✨Tip Number 1
Network like a pro! Reach out to current or former Tesco employees on LinkedIn. Ask them about their experiences and any tips they might have for landing the Cyber Security Partner role. Personal connections can give you insights that job descriptions just can't.
✨Tip Number 2
Prepare for the interview by brushing up on your technical skills. Make sure you can discuss secure design principles, cloud security, and application security confidently. We want you to show off your knowledge and how it aligns with Tesco's needs!
✨Tip Number 3
Practice common interview questions related to security initiatives and risk management. Think about how you would translate technical risks into business risks, as this is key for the role. The more you rehearse, the more comfortable you'll feel during the actual interview.
✨Tip Number 4
Don't forget to apply through our website! It’s the best way to ensure your application gets seen by the right people. Plus, it shows you're serious about joining Tesco and being part of our inclusive culture.
Some tips for your application 🫡
Know Your Stuff: Before you start writing, make sure you understand the role inside out. Dive into the job description and highlight the key skills and experiences they’re looking for. This will help us tailor your application to show you’re the perfect fit!
Be Authentic: When writing your application, let your personality shine through! We want to see the real you, so don’t be afraid to share your passion for cyber security and how it aligns with our mission at Tesco. Authenticity goes a long way!
Showcase Your Experience: Use specific examples from your past work to demonstrate your skills in secure design principles, cloud security, and application security. We love seeing how you’ve tackled challenges and made an impact in previous roles!
Apply Through Our Website: Once you’ve polished your application, head over to our website to submit it. It’s the best way to ensure it gets into the right hands. Plus, you’ll find all the info you need about the role and our awesome benefits package!
How to prepare for a job interview at WeAreTechWomen
✨Know Your Stuff
Make sure you have a solid understanding of secure design principles, cloud security, and application security. Brush up on tools like SAST and DAST, and be ready to discuss how you've applied these in past roles.
✨Engage with Examples
Prepare specific examples from your experience where you've successfully led security initiatives or improved security postures. This will show your practical knowledge and ability to translate technical risks into business impacts.
✨Show Your Versatility
Since the role requires learning new things, be prepared to discuss how you've adapted to new technologies or practices in the past. Highlight your willingness to learn and grow within the field of cyber security.
✨Cultural Fit Matters
Tesco values an inclusive culture, so be yourself! Share your thoughts on diversity and inclusion in the workplace, and how you can contribute to a positive team environment. This will help you connect with the interviewers on a personal level.