×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity IT Consultant Systems Engineer

Cyber Security Partner; II

Job in Welwyn Garden City, Hertfordshire, AL8, England, UK
Listing for: Tesco UK
Full Time position
Listed on 2025-12-13
Job specializations:
  • IT/Tech
    Cybersecurity, IT Consultant, Systems Engineer
Job Description & How to Apply Below
Position: Cyber Security Partner (II)

About the Security Partners team

We are the trusted security advisors for Tesco Technology. Our purpose is to collaborate seamlessly with the product and engineering stakeholders, leveraging our deep expertise in cyber security to design and implement robust, resilient solutions that protect our business and customers from cyber threats. We are a dynamic and expanding global team of 15+ experts, serving as the strategic link between the wider security group and software engineering teams that develop cutting‑edge services at scale to support the retail business.

Tesco Technology comprises several technology domains with over 100+ teams, each entrusted with their own security. These teams enjoy significant autonomy, balanced by the responsibility to make customer‑centric decisions and security. Rather than imposing controls through rigid processes and security gates, we empower these engineering teams to innovate by providing security guidance that helps them make informed decisions for Tesco.

Encouragingly, these teams are enthusiastic partners in enhancing security, working more efficiently, and integrating security into every aspect of their ways of working. This collaborative approach sets us apart from traditional security teams. We proudly identify ourselves as Security Partners, not security police, emphasizing our role as the “trusted advisors” rather than enforcers. Partners engage key people in engineering to make security contextual and frictionless.

After all, security is a journey and there is no one‑size‑fits‑all. Join the team and be part of this exciting journey!

The Role

As a Security Partner, you will deeply engage within product areas and influence the way security is delivered by them. You will be supported by experts in the team, nonetheless. To achieve this, you are good at secure design principles, cloud security, secure development practices and patterns, application security, secure pipelines, open‑source security and related. And not to mention, you are versatile to learn anything that comes along your way.

Being

the trusted advisor

As enterprise applications become more distributed, adaptive to technological advancements, and run from hybrid infrastructure, teams need to navigate through different complexities and make key security decisions along the way. A trusted security advisor empowers teams to achieve scalable and sustainable security maturity throughout the SDLC process.

Ideal Experience & Qualifications
  • Hands‑on product security experience from developing requirements, reviewing architecture, applying design principles, to application security, pipeline security, infrastructure, and secure monitoring.
  • Experience in leading security initiatives, dev(sec) ops practices with product and engineering teams.
  • Experience in threat modelling and designing security/privacy controls to mitigate risks.
  • Experience in application security, supply chain security, and using tools such as SAST, DAST, SCA, and IAC.
  • Experience in reviewing code to spot weaknesses and suggesting mitigations.
  • Experience applying industry standards like OWASP ASVS (Application Security Verification Standard), OWASP Top 10, CIS controls and benchmarks.
  • Good understanding of web application, REST APIs, micro services, eventing, modern application frameworks, and mobile apps.
  • Experience with cloud native and hybrid architectures with an emphasis on containerised workloads and Kubernetes.
  • Some development experience is always a plus – Java, cloud, Golang, Python. You do not need to “be a developer” but we need you to understand the implications of security on engineering velocity.
  • Degree in computer science / information systems or engineering field, or equivalent experience. Experience with regulations like GDPR, PCI‑DSS is desirable.
  • Azure or AWS cloud security certifications is desirable.
  • Good communicator, listener, influencer.
Our Vision at Tesco

Our vision at Tesco is to become every customer's favourite way to shop, whether they are at home or out on the move.

Diversity, Inclusion & Accessibility

We are proud to have an inclusive culture at Tesco where everyone truly feels able to be themselves. We celebrate…

Note that applications are not being accepted from your jurisdiction for this job currently via this jobsite. Candidate preferences are the decision of the Employer or Recruiting Agent, and are controlled by them alone.
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search