Skip to content

JobServe
 

Job Application

 
 
 

Please answer the following questions in order to begin the process of your application.

 
 
Email Address *
 
Select your working status in the UK *
 
 
 
File Attachments:
(2MB file maximum. doc, docx, pdf, rtf or txt files only)
 
Attach a CV * 
 
 
 * denotes required field
 
 
 
Additional Information:
 
First Name
 
Surname
 
 
 

Key Privacy Information

When you apply for a job, JobServe will collect the information you provide in the application and disclose it to the advertiser of the job.

If the advertiser wishes to contact you they have agreed to use your information following data protection law.

JobServe will keep a copy of the application for 90 days.

More information about our Privacy Policy.

 
 

Job Details

 

Security Engineer - SIEM and SOC (Permanent)

Location: Welwyn Garden City, Hertfordshire Country: UK
 
Summary

About The Security & Capability Team

Our team is responsible for providing and maintaining tools used by Tesco in order to monitor and secure our systems, while also helping our colleagues globally.

The opening date for this role is 20th August 2018 and the closing date will be 17th September 2017.

We maintain global hybrid instances of our chosen tools for SIEM, Application Performance Monitoring, Log Monitoring, Backlog Management, Identity Access Management, Service Desk, self-help portals for colleagues and incident communications. In addition to the challenges delivering this capability brings, we're also the team responsible for the security operations centre and our security architecture, working across Tesco globally to secure our systems and data! Our Technology Risk & Compliance team works tirelessly to further develop a risk aware culture and drive audit and regulatory improvements across the technology team in all Tesco countries.

We aim to provide colleagues with a great experience by providing world class tooling, processes and advice. We believe in solutions that are either self-service or invisible to the end user - that's not always easy to achieve, but it's what we strive for.

Package

We offer excellent benefits that help make Tesco a great place to work. These include but aren't limited to:
. An annual bonus scheme which you can achieve up to 3.5% of base salary
. Colleague Clubcard (including a 2nd card for a family member) after 6 months service with 10% off most purchases at Tesco
. Holiday starting at 25 days plus a personal day
. A retirement savings plan - 4%-7.5% contribution rate
. Life Assurance - 5 x contractual pay
. Buy As You Earn Scheme
. Save As You Earn Scheme
. Deals & Discounts through Tesco including Tesco Mobile & Tesco Bank
. Deals and Discounts through many other external businesses

Main Responsibilities

Security Engineer

You will focus on improving the telemetry, processes and tools for Tesco's SIEM system and SOC team. This role requires proven experience with security telemetry, security intelligence, anomaly hunting and incident response.

The Engineer must leverage intuition, security knowledge and a broad of array of tools and advanced security techniques to help us uncover and stay alert to malicious activity. Bilaterally, we're building a threat hunting capability to feed back into our telemetry and processes.

Ideal Candidate

Key Skills and Experience
. Experience performing technical analysis involving security event data and evaluating malicious activity.
. Knowledge of TCP/IP and related network protocols: knowledge of standard network protocols like TCP, ARP, ICMP, DHCP, DNS, HTTP, SNMP etc., and accompanying protocol/packet analysis/manipulation tools.
. Knowledge of information security protection/detection and authentication systems (Firewalls, IDS, IPS, anti-virus, etc).
. Knowledge of commonly-accepted information security principles and practices, as well as techniques attackers would use to identify vulnerabilities, gain unauthorized access, escalate privileges and access restricted information.
. Knowledge of current operating environments (Microsoft, Linux, & OS X).
. Development/Configuration experience with any industry leading SIEM platform.
. Experience of development using a programming language in a DevOps environment using agile techniques.
. Exceptional analytical and critical thinking, willingness to challenge status quo.
. Excellent interpersonal skills.
. Advanced written and oral communications, self-motivator.
. Team player and independent worker, highly adaptive.

Desirable Tools/Technologies:
. Splunk (including Enterprise Security, UBA and CIM)
. AWS
. Devops toolsets - Github, Jenkins, Jira etc.
. Python, Java

Academia: College degree or equivalent work experience.

Desirable Certifications: SSCP, GSEC, GCIH, GCIA or other industry relevant certifications.

Posted Date: 14 Oct 2018 Reference: JS2573243/523277729 Employment Agency: Tesco Contact: Tesco