Security Engineer III

Category: Information Technology

Location: Bengaluru, KA


Security Engineer III

Bengaluru, KA, India

Add to basket Share Apply

Company Description

Tesco Bengaluru: We are a multi-disciplinary team creating a sustainable competitive advantage for Tesco by standardising processes, delivering cost savings, enabling agility, providing cutting-edge technological solutions and empowering our colleagues to do ever more for our customers. With cross-functional expertise in Global Business Services and Retail Technology & Engineering, a wide network of teams and strong governance we reduce complexity thereby offering high quality services for our customers. Tesco Bengaluru, established in 2004 to enable standardisation and build centralised capabilities and competencies, makes the experience better for our millions of customers worldwide and simpler for over 4,40,000 colleagues.

Tesco Technology consists of people from a number of different backgrounds, but having a common purpose to serve our shoppers a little better every day with our retail technological solutions. We shared a common interest in harnessing innovations in technology to enhance their shopping experience at Tesco stores. Whether making products, software or systems, our teams focuses on various aspects from taking strategic ownership of the architecture to delivering technological solutions such as design, testing, deployment, infrastructure, operation and security of the systems to ensure agile, smooth and safe operations. These help us to deliver the maximum business impact. Teams refine their internal processes to best fit their own needs, working to build core capabilities in application and services. We collaborate globally across teams to build end-to-end customer-facing solutions, as well as to share knowledge, experience, tools and techniques.

At Tesco, inclusion means that Everyone’s Welcome. Everyone is treated fairly and with respect; by valuing individuality and uniqueness we create a sense of belonging.
Diversity and inclusion have always been at the heart of Tesco. It is embedded in our values: we treat people how they want to be treated. We always want our colleagues to feel they can be themselves at work and we are committed to helping them be at their best.
Across the Tesco group we are building an inclusive workplace, a place to actively celebrate the cultures, personalities and preferences of our colleagues – who in turn help to build the success of our business and reflect the diversity of the communities we serve.

Additional Information

Important Notice: 

On behalf of Tesco Bengaluru, we must caution all job seekers and educational institutions that Tesco Bengaluru does not authorise any third parties to release employment offers or conduct recruitment drives via a third party. Hence, beware of inauthentic and fraudulent job offers or recruitment drives from any individuals or websites purporting to represent Tesco. Further, Tesco Bengaluru does not charge any fee or other emoluments for any reason (including without limitation, visa fees) or seek compensation from educational institutions to participate in recruitment events. 

Accordingly, please check the authenticity of any such offers before acting on them and where acted upon, you do so at your own risk. Tesco Bengaluru shall neither be responsible for honouring or making good the promises made by fraudulent third parties, nor for any monetary or any other loss incurred by the aggrieved individual or educational institution. 

In the event that you come across any fraudulent activities in the name of Tesco Bengaluru, please feel free report the incident at 

Job Description

•We are upgrading our own on-prem private cloud hyper converged infrastructure platform.
•We are investing in revamping and increasing the expanse of network security tooling and monitoring for our on-prem private and public cloud.
•Our new centos/highly dockerised tills are starting to rollout – a big departure from the industry norm of off-the-shelf spaghetti code and maintenance headaches
•We’re the original big data company in the UK. Tesco Clubcard has been going for 25 years and we’re heavily data driven
•We’re investing heavily in AI/ML in areas such as computer vision and natural language processing to better support our customer channels
•We’ve a large multi-cloud service-mesh initiative underway. Dead simple if you’re just doing it on a single k8s cluster but much harder at our scale and with polyglot tech stacks
•We’ve a great network and systems (infrastructure) engineering team developing tooling to improve security at scale and who you will be working closely with

Tesco has a rich network and infrastructure technology stack for network monitoring and discovery security tooling application aware firewalling and intrusion detection cloud-based content delivery network (CDN) cloud access security broker (CASB) and so on. Tesco has fully embraced Devops and agile methods to develop enterprise APIs services and cloud capabilities. Our 100+ delivery teams have loads of Docker Kubernetes and microservices galore across Azure and AWS so our security approach must work with elastic here today gone tomorrow infrastructure. Our security approaches should be event-driven real-time and effective. Weekly scans are so 2010.
You might think that retail is a bit slow and sleepy but we’re doing some cool stuff.

You will be responsible for

Developing a strong security partnership with the network and systems engineering teams
These roles are about transforming the way security is delivered within our Network Security and Engineering teams. As our software and enterprise architectures continue the move to the cloud. We have different security challenges and this role is to help teams navigate that change successfully. The boundary between infrastructure and application has virtually disappeared and being secure means support through the entire network and systems engineering (infrastructure) lifecycle and Ops – from proof of concept design golden templates security best practices automation configurations development setup through to production deployment and 24/7 ops.

On a day-to-day basis you will
•Champion positive security change within the teams you support. Teams will look to you to for direction and guidance on all security matters but there’s a whole security organisation to back you up so that’s not as scary as it sounds
•Help product teams deliver new business features securely while balancing and clearly articulating technical and business risk
•You will be expected to drive the deployment/integration of security capabilities into the network and systems engineering (infrastructure) teams for on-prem and public cloud. Reducing friction is paramount and we’re all about fast feedback within existing workflows not adding another console for a developer to check
•Support teams in a collaborative manner in matters of data security for on-prem and cloud network product deployments with a focus on design automation using IaC tooling and/or API driven approach.
•Work with the Systems engineering (infrastructure) and network teams to define security strategy provide security guidance across all security domains perform risk assessments and draw up risk treatment plans.
•Work with the network product specialists and suppliers and be effective in triaging and prioritising security requirements/remediations.
•Participate in major problem review meetings processes improvement meetings as well actively contribute to the high-risk change review and analysis coordination reviews.
•Work closely within network operations team and coordinate with security engineering and design teams.
•Collaborate with internal Governance Risk and Compliance Controls teams and complement supplier assurance assessments.
•Deliver operations support assist in proof of concept phase to deployment and manage operational acceptance criteria for multiple security tools including firewalls proxies web application firewalls network admission controls and DDoS mitigation systems.
•Experience managing team delivery for global orchestration and automation via IaC tooling and/or Application Programming Interfaces (API).
•Effectively manage cross-functional internal and external team collaboration and communications.
•Utilize a wide array of security platforms protocols tools and technologies.
•Excellent interpersonal facilitation and leadership skills along with effective communication (both written and verbal) skills.
Longer-term the nature of the role also means you are expected to identify new problem spaces propose fixes and engage across disciplines. In other words we want you to innovate and will give you the room to do so. If you can think of ways to do security faster more accurately with greater consistency and at scale while minimising friction you’ll be supported all the way.

You will need
To excel in this position you ideally should have the following:
•10 years of work experience with a bachelor’s degree or at least 8 years of work experience with an Advanced Degree (e.g. Masters/MBA/JD/MD) or at least 3 years of work experience with a PhD.
•A minimum of 5-10 years of experience in the network/security engineering and/or security areas.
•Solid security experience across common security domains. The technology might have changed but most of the security challenges haven’t.
•A basic know how of/experience with international compliance requirements/standards (PCI DSS ISO 27K FIPS GDPR) and other security regulation requirements.
•Familiarity with complex global cybersecurity infrastructure designs preferred.
•Familiarity with CDN’s CASB’s and other network security and monitoring tooling.
•An understanding of modern application development practices so that new security capabilities can be introduced while minimising developer friction.
•Basic hands-on experience on Azure and AWS architectures.
•Command-line/API experience and/or IaC tooling is highly desirable as security automation is a strategic priority.
•Some coding experience in something - Java JavaScript C# bash python or PowerShell. You don’t need to “be a developer” but you do need to understand the implications of security on engineering velocity.
•One or more certifications such as CISSP CEH CISM CISA CompTIA CCNA CCNP and similar ones
•If you’ve got AWS and Azure great! If you have only one we’ll train you in the other. If you have neither that’s a more challenging conversation but may not be a show-stopper if you stand out in other areas.

The human side

Tesco places a great emphasis on our colleague culture. We’re a highly collaborative company and you can expect to deal with multiple teams with different ways of working.  Our goal is to be an enabling team, so being able to adapt your style to better support engineering teams will speed success.  One of our core principles is “we treat people how they want to be treated” so empathy and understanding, along with self-motivation are genuinely as important as technical skills.  In short, you like dealing with people and building strong professional relationships.


Cyber Security Network Security Information Technology Infrastructure and Public Cloud.

B.E/B.Tech or M.E/M.Tech/MCA/MSc in Engineering stream 

Application process

Back to top