Security Engineer III

Category: Information Technology

Location: Kraków, małopolskie

Poland


Security Engineer III

Kraków, małopolskie, Poland

Add to basket Share Apply

Company Description

Tesco Technology is multi-functional and specialist team that drives operational excellence of services improves scale for our systems and processes globally and creates business leading capabilities.

We are an agile team of an industry-leading team of engineers. We create the future continuous integration and delivery tools for Colleague and Customer & Loyalty areas, solving problems, and developing new features through quality, scalable, performant, and maintainable technical solutions. The solutions that we are responsible for will have a global reach, impacting hundreds of thousands of Tesco colleagues worldwide.

We operate in a DevOps philosophy. We take responsibility for the software through its entire lifecycle. We practice continuous integration, delivery, and support of our code through to production and beyond.

As Tech Hub we cooperate within the group of Tesco Technology Hubs located in the UK, Poland, Hungary, and India.

 

Additional Information

Tesco is a diverse and exciting employer, dedicated to being #aplacetogeton, providing career-defining opportunities to all of our colleagues. If you chose to join our business, we will provide you with:

  • Permanent contract from the go – as a sign of our trust in your abilities.
  • Up to 20% yearly salary bonus – for employment contract colleagues only – based on both individual and business performance
  • Extensive private healthcare - complex care package including a wide range of specialists, medical services, and free flu vaccination
  • Cafeteria & Multisport – subsidized MyBenefit cafeteria platform with an option to use the funds on the multisport card.
  • Relocation Help - professional service to secure relevant working permits and other necessary documents;
  • Learning opportunities - certified technical training and learning platforms like Udemy, Pluralsight, and O'Reilly.
  • Referral Bonus – You’ll get 4500 PLN for each colleague you successfully refer to work with us.
  • Optional life insurance – a wide variety of insurance options from our partner, available optionally at a significant discount.

If that sounds exciting, then we'd love to hear from you.

#LI-AW1

Job Description

This role is about transforming the way security is delivered within our Customer and Online engineering teams.  As our software and enterprise APIs continue the move to the cloud, we have different security challenges, and this role is to help teams navigate that change successfully.  The boundary between infrastructure and application has virtually disappeared and being secure means support through the entire SDLC – from the ideas phase into threat modeling during design, during development then through to production and ops.

On a day to day basis you will:

·       Champion positive security change within your product team.  Teams will look to you for direction and guidance for all security matters.  There’s a whole security organization to back you up, so that’s not as scary as it sounds

·       Help product teams deliver new business features securely while balancing and clearly articulating technical and business risk

·       You will be expected to drive the deployment/integration of security capabilities into engineering teams within the product domain.  Reducing friction is paramount and we’re all about fast feedback within existing workflows, not adding another console for a developer to check

·       Support teams in a collaborative manner in matters of application, cloud, and data security, with threat modeling, risk treatment, and security advice across all security domains.  If you can raise a PR to resolve to fix a security issue, do so.

Longer-term, the nature of the role also means you are expected to identify new problem spaces, propose fixes engage across disciplines.  In other words, we want you to innovate and will give you the room to do so.  If you can think of ways to do security, faster, more accurately, with greater consistency and at scale while minimizing friction, you’ll be supported all the way.

You won’t be selecting and deploying commercial endpoint solutions, building SOC capabilities or doing much in the IAM or networking space.  We have engineering and operational teams for all those sorts of things.  We have a security architecture framework to work within, but you won’t get told how to perform the role, it’s yours to shape in whatever way works best for your product and engineering stakeholders.

Qualifications

Skills& Experience we are looking for:

·       Solid security experience across common security domains.  The technology might have changed but most of the security challenges haven’t

·       A thorough understanding of modern application development practices so that new security capabilities can be introduced while minimizing developer friction

·       Hands-on experience with complex Azure and AWS architectures with an emphasis on containerized workloads in k8s.  Command-line/API experience is highly desirable as security automation is a strategic priority

·       Some coding experience in something - Java, JavaScript, C#, bash. python or PowerShell.  You don’t need to “be a developer” but you do need to understand the implications of security on engineering velocity

I’ve you’ve got AWS and Azure, great!  If you have only one, we’ll train you in the other.  If you have neither, that’s a more challenging conversation, but may not be a show stopper.

Tesco places a great emphasis on our colleague culture. We’re a highly collaborative company and you can expect to deal with multiple teams with different ways of working.  Our goal is to be an enabling team, so being able to adapt your style to better support engineering teams will speed success.  One of our core principles is “we treat people how they want to be treated” so empathy, and understanding along with self-motivation are genuinely as important as technical skills.

Application process

Back to top