Hours: 36
Salary: Competitive
Location: Welwyn Garden City AL7 1GA
United Kingdom
Apply by: 31/12/2022
Welwyn Garden City AL7 1GA
This role is for a hands-on security engineer focused on prevention and detection capability as well as system hardening and secure configuration on Linux endpoints.
This is across a large and diverse estate of technology assets, both on-prem and in public cloud, from servers to containers. The security engineer will need to collaborate with security, infrastructure, and wider teams across Tesco to reduce the attack surface, and develop new hardened systems and configuration. These should meet the needs of the business for usability as well as the appropriate level of threat prevention and detection capability.
Responsible for the design, development and implementation of threat prevention and detection capability, system hardening and secure configuration across the organisation. This includes analysis of existing endpoint security capability and system baselines, determining appropriate controls and benchmarks, and the creation of new and revisions to existing images and configuration. You will also be responsible for tracking the compliance of systems across Tesco through monitoring and auditing. Findings from this will need to be shared effectively with teams so the attack surface is minimised.
Minimum requirements:
• Strong knowledge of Linux system internals
• Experience hardening technology systems
• Working knowledge of threat prevention and detection capability
• Knowledge of hardening & compliance frameworks or guidelines (e.g. NIST, CIS)
• Ability to work independently and collaboratively across cyber security, infrastructure, and software development teams
• A broad understanding of security concepts; an interest and passion for cyber security
Desirable Skills and Experience:
• Experience working with containers, cloud infrastructure, cloud security and APIs
• Working knowledge of at least one programming language, including scripting languages such as Python or Bash
• Experience automating deployments and IaC (e.g. through use of automation tools such as Ansible, Chef or Puppet)
• Experience developing and implementing attack surface reduction rules and application control rules
• Experience using the Cyber Kill Chain or Mitre ATT&CK Framework
We offer excellent benefits that help make Tesco a great place to work! These include but are not limited to:
Our vision at Tesco is to become every customer’s favourite way to shop, whether they are at home or out on the move. Our core purpose is “Serving our customers, communities and planet a little better every day”. Serving means more than a transactional relationship with our customers. It means acting as a responsible and sustainable business for all stakeholders, for the communities we are part of, and for the planet.
We are proud to have an inclusive culture at Tesco where everyone truly feels able to be themselves. At Tesco, we not only celebrate diversity, but recognise the value and opportunity it brings. We’re committed to creating a workplace where differences are valued, and make sure that all colleagues are given the same opportunities. We’re a big business with diverse working patterns and many business areas which means that we can find something that works for you. Everyone is welcome at Tesco.
We have recently announced that we are moving to a more blended working week – combining office and remote working. Our offices continue to be where we connect, collaborate and innovate. Talk to us about how this can work for you.
Note: Should you be successful in your application, your employment will be subject to and conditional upon you providing your bank account details on your agreed start date.