Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Lead a team in developing security controls to combat cyber threats.
- Company: Join Tesco, a leader in retail, committed to safeguarding digital environments.
- Benefits: Enjoy a collaborative culture, opportunities for innovation, and professional growth.
- Why this job: Make a real impact in cybersecurity while working with cutting-edge technologies.
- Qualifications: Experience in security engineering and management, especially in Agile environments.
- Other info: Ideal for those passionate about tech and eager to learn in a dynamic setting.
The predicted salary is between 48000 - 72000 £ per year.
Job Description
Security Engineering Manager (Detection Engineering)
As a Security Engineering Manager, you will lead a squad within Detection Engineering, focusing on management, leadership, and delivering cyber defensive outcomes at Tesco. Your primary responsibility is to guide a team of security engineers in developing and implementing security controls that bolster our cyber defence to detect and support response to digital threats, while supporting and integrating with other teams across prevention, operations, and automation.
Your team specialises on Microsoft related security technologies, but also works closely with other technologies from Splunk, Databricks, and those related to deception operations.
Your objective is to safeguard our customers, suppliers, colleagues, networks, systems, applications, and information from cyber-attacks.
You will excel in enhancing security outcomes efficiently and cost-effectively, working with teams that possess a diverse range of skills, from hands-on technical expertise to architectural knowledge. Fostering a culture of innovation and curiosity within your team is essential to this role.
In this role, I am accountable for:
- Threat-Led Prioritisation: Evaluates and prioritizes cyber threats to Tesco, analysing machine signals and intelligence and human factors to identify trends and actionable data for threat management.
- Secure & Test-Driven Engineering: Proficient in applying industry frameworks (MITRE ATT&CK, NIST CSF, etc), integrating security into the software development lifecycle by applying secure coding practices, utilising test-driven development (TDD) for code reliability, and conducting thorough code reviews to mitigate potential security vulnerabilities.
- Intrusion Detection & Analysis: Define and drive procedures to identify detection opportunities, assess risk reduction, and ensure mature detection outcomes, reporting detection quality, coverage and cost where required.
- Incident Management, Incident Investigation & Response: Coordination with security operations teams to support incident management, investigation and response activities when required.
- Research: Defines research goals, generates innovative ideas, summarizes and disseminates findings, and contributes to organizational security strategy.
- Enterprise Technology: Understands Enterprise technology infrastructure, systems, solutions, tools and architecture, including the importance and principles of security, managing incidents, and programming.
- Development Lifecycle: Understands the end-to-end software development lifecycle, and the processes and checkpoints involved, from planning, designing, building, testing, deploying and maintenance and how this applies to their role.
- Delivery Methodologies: Understanding of Agile and other methodologies, including product management frameworks, and of the full product management lifecycle and how different Agile practices can be used.
Relevant Operational skills required:
- Management & Leadership: Effectively manages people, including performance and incentive management, and applies leadership practices to achieve targets and foster an inclusive environment where people feel like they belong.
- Communication & Influencing: Identifying and engaging stakeholders, using a range of techniques (e.g. storytelling, presentations, reports, influencing, negotiation and difficult conversations).
- Data Analytics & Insights: Defining suitable metrics, obtaining and analysing data using the right tools, spotting trends and gaining and explaining insights to influence and enable decisions and measure impact.
- Curiosity & Learning: Reflecting on practice, adapting and challenging assumptions, seeking new ideas and perspectives, and striving to gain new skills and knowledge.
- Embracing & Enabling Change: Need, appetite and potential impacts of change, including embracing the opportunities and challenges of change.
- Strategic Thinking & Problem Solving: Strategic and critical thinking to identify problems and how to apply chosen methodologies to solve problems and create value for the business.
- Finance & Procurement: Finance and procurement processes, and budget management, including estimation, forecasting, planning and tracking spending.
Relevant Experience required:
Essential:
- Direct Line Management Responsibilities
- Agile Ways of Working (Scrum, DevOps, Kanban, etc)
- Security Engineering Experience (Detection, Prevention, Automation, etc)
- Common Productivity Tools (Confluence, Miro, Teams, etc)
- Common Development Tools (Jira, GitHub, etc)
Desirable:
- Cybersecurity Engineering Management or Leadership
- Microsoft Defender for Endpoint/Cloud
- Microsoft Sentinel / Splunk Enterprise Security
- Professional Industry Membership (CIISec, BCS, etc)
- Security Certification (ISC2, ISACA, CompTIA, SANS, EC-Council, etc)
- Detection-as-Code / DevOps for SecOps
#J-18808-Ljbffr
Security Engineering Manager employer: ZipRecruiter
Contact Detail:
ZipRecruiter Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Security Engineering Manager
✨Tip Number 1
Familiarize yourself with the MITRE ATT&CK framework and NIST CSF. Understanding these frameworks will not only help you in interviews but also demonstrate your commitment to applying industry standards in security engineering.
✨Tip Number 2
Showcase your experience with Agile methodologies, especially Scrum and DevOps. Be prepared to discuss how you've implemented these practices in past roles to enhance team performance and project delivery.
✨Tip Number 3
Highlight your leadership skills by sharing specific examples of how you've managed teams effectively. Discuss how you foster an inclusive environment and drive performance through motivation and support.
✨Tip Number 4
Stay updated on the latest trends in cybersecurity, particularly around Microsoft technologies and incident response strategies. This knowledge will help you engage in meaningful conversations during the interview process.
We think you need these skills to ace Security Engineering Manager
Some tips for your application 🫡
Tailor Your CV: Make sure your CV highlights relevant experience in security engineering, management, and leadership. Emphasize your familiarity with Microsoft technologies and any experience with detection engineering or incident management.
Craft a Compelling Cover Letter: In your cover letter, express your passion for cybersecurity and your leadership style. Mention specific examples of how you've successfully managed teams and delivered cyber defensive outcomes in previous roles.
Showcase Relevant Skills: Clearly outline your skills in Agile methodologies, data analytics, and strategic thinking. Provide examples of how you've applied these skills in past projects to enhance security outcomes.
Research Tesco's Security Approach: Familiarize yourself with Tesco's security strategies and technologies. Mention any insights you have about their approach to cyber threats and how you can contribute to their goals in your application.
How to prepare for a job interview at ZipRecruiter
✨Showcase Your Leadership Skills
As a Security Engineering Manager, you'll need to demonstrate your ability to lead and manage a team effectively. Prepare examples of how you've successfully managed teams in the past, focusing on performance management and fostering an inclusive environment.
✨Understand Cybersecurity Frameworks
Familiarize yourself with industry frameworks like MITRE ATT&CK and NIST CSF. Be ready to discuss how you have applied these frameworks in previous roles, particularly in integrating security into the software development lifecycle.
✨Highlight Your Technical Expertise
Your role will involve working with various technologies, including Microsoft security tools and Splunk. Be prepared to discuss your hands-on experience with these technologies and how you've used them to enhance security outcomes.
✨Demonstrate Strategic Thinking
Prepare to showcase your strategic and critical thinking skills. Discuss specific instances where you've identified problems and applied methodologies to solve them, creating value for your previous employers.
