Senior Security Engineer - Internal Penetration Tester

We are passionate about step changing cyber security capability to better protect our customers and colleagues across our global business, and we’re looking to add great people to our growing team.

This new role challenges you to use your offensive skills to discover and demonstrate vulnerabilities and weaknesses in our systems. Tesco Technology has hundreds of software and infrastructure engineers deploying many solutions at scale using many different technology stacks. An internal penetration tester working collaboratively with many of our teams is key to addressing these findings, efficiently and at scale across Tesco.

We believe that skilled and passionate people are our greatest asset in reducing cyber risk to our business and customers. We encourage and support continual development and recognise the importance of keeping up with the latest technology (as well as all the older stuff) and an evolving threat landscape.

Are you up for this challenge?

You’ll be working in an offensively trained and defensively focused security team, challenging yourself to find security vulnerabilities before others do. You will be responsible for delivering high-quality security assessments (web, mobile and infrastructure), working with other dedicated security professionals, as well as in partnership with software and infrastructure engineers.

You’ll also have the advantage of being able to use internal knowledge, data sources and tools to help identify attack vectors and be able to test out your hypotheses.

You will be given time and opportunities to carry out personal research and put yourself through certifications supported by us to ensure you are on the top tier edge of offensive security.

• Penetration testing experience performing authorised tests on computer systems, exposing weaknesses in security that potentially could be exploited
• Experience of platforms like HackTheBox, Proving Grounds (Offensive Security), or similar
• GPEN, Crest, OSCP, OSEP or other industry relevant certifications are desired but not crucial.
• Good knowledge of network protocols and packet analysis / manipulation tools
• Knowledge of preventative and detective controls (Active Directory, firewalls, IDS, IPS, anti-virus, etc)
• Exceptional analytical and critical thinking, willingness to challenge status quo
• Excellent interpersonal skills
• Advanced written and oral communications, self-motivator
• Great teammate and independent worker, highly adaptive

We offer excellent benefits that help make Tesco a great place to work!  These include but are not limited to:

• Annual bonus scheme
• Holiday starting at 25 days plus a personal day (and bank holidays)
• Great colleague discounts and deals, saving you money on everyday purchases, utility bills for the home and more
• Retirement savings plan – save between 4% and 7.5% and Tesco will match your contribution
• Buy as you earn and Save as you earn share schemes
• Opportunities to get on – take advantage of our ongoing learning opportunities and award-winning training to help you achieve the career you want

Our vision at Tesco is to become every customer’s favourite way to shop, whether they are at home or out on the move.  Our core purpose is “Serving our customers, communities and planet a little better every day”.  Serving means more than a transactional relationship with our customers.  It means acting as a responsible and sustainable business for all stakeholders, for the communities we are part of, and for the planet.

We are proud to have an inclusive culture at Tesco where everyone truly feels able to be themselves.  At Tesco, we not only celebrate diversity, but recognise the value and opportunity it brings.  We’re committed to creating a workplace where differences are valued, and make sure that all colleagues are given the same opportunities.  We’re a big business with diverse working patterns and many business areas which means that we can find something that works for you.  Everyone is welcome at Tesco.

We have recently announced that we are moving to a more blended working week – combining office and remote working.  Our offices continue to be where we connect, collaborate and innovate.  Talk to us about how this can work for you.

Note: Should you be successful in your application, your employment will be subject to and conditional upon you providing your bank account details on your agreed start date.