cover image
Tesco Technology

Tesco Technology

www.tesco-careers.com

4 Jobs

914 Employees

About the Company

We are Tesco, and we're always looking ahead. We use tech to make things a little better for everyone, every day.

Forget off- the-shelf. We love coming up with our own ideas and building things ourselves. We empower our technologists to play a part in Tesco's future. Solving crunchy tech problems, making customers' lives a little easier, and making a difference to our communities and the planet.

Our Technology team is made up of over 3,500 experts spread over 5 countries: UK, Poland, Hungary, Czech Republic and India. These teams all have one thing in common - helping solve problems at a global scale.

Whether making products, software or systems, our teams each focus on a particular area, taking strategic ownership of the architecture, design, testing, deployment, infrastructure, operation and security of the systems in their domain, to ensure agile, smooth and safe operations, and maximum business impact.

It doesn't matter who you are, everyone has the opportunity to make things happen at Tesco. We listen and learn. We all love tech. And we always work together as a team. That's why you won't find big egos at Tesco. Just tech experts with lots of ideas that help millions of customers, every day.

Listed Jobs

Company background Company brand
Company Name
Tesco Technology
Job Title
Head of Security Engineering – Application Security & Security Testing
Job Description
Job Title: Head of Security Engineering – Application Security & Security Testing Role Summary: Lead a multi‑disciplinary security engineering function focused on vulnerability management, application security engineering, and adversarial testing. Deliver full‑stack security assurance from code to infrastructure, driving innovation and operational excellence while embedding security throughout delivery pipelines. Expactations: • Own and grow a 20+ engineer team across sub‑functions (vulnerability management, app security engineering, penetration testing). <br>• Translate strategic security goals into actionable plans, monitor progress, and report on metrics. <br>• Foster a culture of continuous improvement, talent development, and succession planning. <br>• Serve as a senior stakeholder liaison across security, product, and platform teams. Key Responsibilities: • Manage three Security Engineering Managers and a Principal Security Engineer/Architect. <br>• Oversee design, deployment, and operation of tools for vulnerability detection across code, applications, infrastructure, packages, and external assets. <br>• Ensure robust SAST, SCA, ASPM, threat modelling, GenAI‑driven security solutions, and red/purple team testing capabilities. <br>• Drive automation, coverage expansion, and continuous improvement of testing methodologies. <br>• Translate Tesco Tech Excellence programme objectives into actionable team plans, track delivery, and maintain operational metrics. <br>• Collaborate with Heads of Security Partnerships, Cyber Defence, and Platform Security Architecture to align security initiatives with broader technology goals. <br>• Embed security into product and programme pipelines and act as key contact for senior stakeholders. Required Skills: • Proven leadership of large‑scale security engineering teams. <br>• Deep technical expertise in vulnerability management, application security engineering, and adversarial testing. <br>• Strong knowledge of secure development practices, modern engineering tooling, and DevSecOps pipelines. <br>• Experience with ASPM platforms, threat modelling, and GenAI‑driven security solutions. <br>• Ability to balance strategic vision with hands‑on execution. <br>• Excellent communication, stakeholder engagement, and performance‑tracking skills. <br>• Familiarity with operational metrics and continuous improvement frameworks. Required Education & Certifications: • Bachelor’s degree in Computer Science, Information Security, or related field (or equivalent experience). <br>• Professional certifications such as CISSP, CISM, CEH, OSCP, or equivalent are highly desirable.
Welwyn garden city, United kingdom
On site
30-10-2025
Company background Company brand
Company Name
Tesco Technology
Job Title
Security Analyst II - SOC
Job Description
Job title: Security Analyst II – SOC Role Summary: Monitor, analyze, and respond to security events using SIEM/XDR, conduct threat hunting, investigate incidents, and continuously improve detection and response capabilities within a large‑scale internal SOC. Expectations: Act with integrity, maintain situational awareness of threat landscape, collaborate cross‑functionally, and document and communicate incident data clearly. Key Responsibilities: - Proactively monitor and analyze security events across on‑premises and cloud environments. - Evaluate alerts, assess risk and severity, and initiate appropriate remediation actions. - Investigate, contain, remediate, and perform post‑incident analysis to prevent recurrence. - Conduct proactive threat hunting to detect unknown threats and enhance early‑detection. - Build and implement security standards, playbooks, and automation use‑cases. - Maintain up‑to‑date knowledge of attacker techniques, vulnerabilities, and trends. - Collaborate with Incident Managers, Threat Intelligence, and other teams for unified response. Required Skills: - ≥3 years experience as SOC analyst in an internal SOC. - Proficiency in SIEM, XDR, SOAR; experience with enterprise security tech. - Strong technical analysis, investigation, and incident handling in fast‑paced environments. - Deep knowledge of operating systems, networking (TCP/IP, DNS), and cloud platform security. - Familiarity with incident response frameworks (NIST, MITRE ATT&CK). - Scripting skills (Python, PowerShell) for automation. - Excellent analytical, problem‑solving, communication, and critical‑thinking abilities. - Ability to manage high‑stress situations with composure and integrity. Required Education & Certifications: - Relevant degrees in Computer Science, Cybersecurity, or related field (preferred). - Certifications such as CompTIA Security+, Cybersecurity Analyst (CSA+), or equivalent (optional).
Welwyn garden city, United kingdom
On site
Junior
03-12-2025
Company background Company brand
Company Name
Tesco Technology
Job Title
Lead Product Manager - Cyber Data Intelligence Platform
Job Description
Job title: Lead Product Manager – Cyber Data Intelligence Platform Role Summary: Lead end‑to‑end product management for a cyber data analytics and AI platform, building and scaling a small high‑impact PM team. Own product vision, roadmap, and delivery while aligning with broader cyber data strategies and senior leadership priorities. Drive data‑driven decisions, secure product releases, and foster a culture of continuous improvement and innovation. Expectations: - Deliver measurable business value through product strategy and OKRs. - Grow, empower, and retain a high‑performing PM team. - Maintain rigorous product ownership from concept to launch, ensuring cross‑functional collaboration and stakeholder alignment. Key Responsibilities: - Develop and execute product strategy for cyber data analytics and AI initiatives. - Define, prioritize, and communicate product roadmap and vision. - Own product lifecycle: feature definition, user stories, acceptance criteria, backlog grooming, and release management. - Coordinate with security engineering, QA, and infrastructure teams to ensure secure, high‑availability releases. - Track and analyze key metrics (uptime, SLOs, response times, adoption, impact on OKRs). - Engage senior leadership and external partners to gather feedback, validate concepts, and secure alignment. - Build, mentor, and develop a small team of Product Managers; set OKRs, provide performance feedback, and create career pathways. - Ensure compliance with business conduct, risk responsibilities, and cybersecurity best practices. Required Skills: - Proven product management experience (strategy, roadmap, full lifecycle, OKRs). - Leadership demonstrated in building and scaling a high‑performance PM team. - Strong analytical mindset with capacity to drive data‑driven PM decisions. - Deep understanding of cyber data analytics, AI technologies, and cybersecurity principles. - Experience managing product releases in high‑availability environments; knowledge of uptime, SLOs, and performance metrics. - Excellent stakeholder communication, cross‑functional collaboration, and executive presentation skills. Required Education & Certifications: - Bachelor’s degree in Computer Science, Engineering, Business, or related field. - PMP, Certified Scrum Product Owner (CSPO) or equivalent product certifications preferred.
Welwyn garden city, United kingdom
On site
Senior
07-12-2025
Company background Company brand
Company Name
Tesco Technology
Job Title
Cyber Security Partner (II)
Job Description
Job Title Cyber Security Partner (II) Role Summary Serve as a trusted security advisor to product and engineering teams, embedding secure design and development practices across the SDLC. Drive security strategy, threat modeling, and implementation of industry standards while enabling teams to innovate securely. Expectations - Apply secure design principles to product and architecture decisions. - Translate security requirements into actionable, low‑friction controls for engineering. - Continuously improve security maturity with measurable outcomes. Key Responsibilities - Lead end‑to‑end security assessments: requirements, architecture review, code review, pipeline security, infrastructure, and monitoring. - Design and implement threat models and privacy controls to mitigate identified risks. - Advise on application, supply‑chain, and cloud security; recommend and validate use of SAST, DAST, SCA, IAC tools. - Define and enforce compliance with OWASP ASVS, OWASP Top 10, CIS Controls, and relevant benchmarks. - Mentor and coach engineering teams on secure coding, secure API practices, micro‑services, event‑driven architecture, and hybrid/cloud environments. - Coordinate with security operations to ensure continuous monitoring, incident response, and vulnerability management. - Drive the adoption of devSecOps practices, integrating security into CI/CD pipelines and release processes. - Document security guidance, best practices, and lessons learned for enterprise use. Required Skills - Deep knowledge of secure design, cloud security, secure development lifecycles, and secure pipeline practices. - Hands‑on experience with threat modeling, application security, supply‑chain security, and monitoring. - Proficiency with SAST, DAST, SCA, IAC tools and frameworks. - Strong understanding of web applications, REST APIs, micro‑services, event‑driven architecture, and hybrid infrastructure. - Ability to review code, identify weaknesses, and recommend mitigations. - Excellent communication and stakeholder engagement skills. - Adaptability to learn emerging technologies and security practices. Required Education & Certifications - Bachelor’s degree in Computer Science, Software Engineering, Cybersecurity, or a related technical field. - Security certifications such as OWASP, CISSP, CISM, or equivalent are preferred.
Welwyn garden city, United kingdom
On site
10-12-2025