Security Engineering Manager

Category: Information Technology

Location: Bengaluru, KA

India


Security Engineering Manager

Bengaluru, KA, India

Add to basket Share Apply

Company Description

Tesco Bengaluru: We are a multi-disciplinary team creating a sustainable competitive advantage for Tesco by standardising processes, delivering cost savings, enabling agility, providing cutting-edge technological solutions and empowering our colleagues to do ever more for our customers. With cross-functional expertise in Global Business Services and Retail Technology & Engineering, a wide network of teams and strong governance we reduce complexity thereby offering high quality services for our customers. Tesco Bengaluru, established in 2004 to enable standardisation and build centralised capabilities and competencies, makes the experience better for our millions of customers worldwide and simpler for over 4,40,000 colleagues.

Additional Information


 

Important Notice: 

On behalf of Tesco Bengaluru, we must caution all job seekers and educational institutions that Tesco Bengaluru does not authorise any third parties to release employment offers or conduct recruitment drives via a third party. Hence, beware of inauthentic and fraudulent job offers or recruitment drives from any individuals or websites purporting to represent Tesco. Further, Tesco Bengaluru does not charge any fee or other emoluments for any reason (including without limitation, visa fees) or seek compensation from educational institutions to participate in recruitment events. 

Accordingly, please check the authenticity of any such offers before acting on them and where acted upon, you do so at your own risk. Tesco Bengaluru shall neither be responsible for honouring or making good the promises made by fraudulent third parties, nor for any monetary or any other loss incurred by the aggrieved individual or educational institution. 

In the event that you come across any fraudulent activities in the name of Tesco Bengaluru, please feel free report the incident at recruitment_compliance_india@tesco.com 

Job Description

About the Security Engineering team
We are 15+ and growing team that supports Tesco technology and software development
teams across cloud and other cutting edge technologies at scale. We have a new role as the engineering manager for our security engineering team based in Bengaluru. The software development teams are responsible for their own security, so we act differently than a traditional security team. We’re team of security partners, not security police.. and we go as far as calling ourselves as Security Partners, not Security Architects or Consultants.
Our software engineering teams have tremendous freedom in their work and the
corresponding responsibility to do the right thing for our customers. Instead of controlling
our engineering teams with process and security gates, we enable them to innovate by
providing security guidance to make right decisions for Tesco. The good news is that our
engineering teams are (usually) willing partners in doing better security, more efficiently
and earlier in the process. We want you to help us scale out and represent ourselves for the wider engineering domains.
Tesco has fully embraced devops and agile methodologies to develop our enterprise APIs,
services and cloud capabilities. Our 100+ delivery teams have loads of Docker, Kubernetes
and microservices galore across Azure and AWS, so our security approach must work with
elastic, here today, gone tomorrow infrastructure. Our security approaches should be event-driven, real-time and effective. Weekly scans are so 2010.

The Role:

As a Security Engineering Manager, you will manage a team of experienced security partners and engineers, who are aligned to an engineering domain. You will enable them to work and collaborate efficiently, and deliver high-quality results. You will play a vital role in building the team and in its growth story.

Developing strong security partnerships for Tesco Technology

Security partnerships are about transforming the way security is delivered within our
technology domains and software engineering teams. We have different security challenges,
and your role as engineering manager is actively provide people management and technical leadership.


Job Accountabilities:

  • You assist the team, provide guidance and direction whilst also challenge the status-quo.
  • Manage performance of the team and play an vital role in their personal development plans.
  • Manage the backlog of activities for the security team under you and aid in planning and
  • execution.
  • Effectively manage cross-functional collaboration, and communications across security
  • partners globally.
  • Promote team work, and recognise key contributions and milestones regularly.
  • Coach and mentor members of the team.
  • Be the advocate for change and push boundaries.
  • Excellent interpersonal, facilitation, and leadership skills along with effective
  • communication (both written and verbal) skills.

As a core technical member,

  • You indulge in key initiatives and activities, contribute as a technical member.
  • You review quality of deliverables and provide timely and constructive feedbacks.
  • You identify skill gaps within the team and facilitate in training, coaching.

Qualifications

To excel in this position, we expect you to have the following:

  • 12+ years of work experience with a bachelor degree or at least 10 years of work experience with an master degree in relevant areas.
  • A minimum of 5 years of experience in the security engineering and closely related areas.
  • Proven experience in managing team of experienced professionals.
  • Excellent interpersonal, facilitation, and leadership skills along with effective communication (both written and verbal) skills.
  • Solid experience across common security domains. The technology might have changed but most of the security challenges haven’t.
  • Good experience with customer-facing solutions, large enterprise deployments, micro-service architecture, distributed computing, Linux operating system, REST APIs, modern application frameworks, container based development and deployments
  • Good experience with complex Azure and AWS architectures with exposure to managed Kubernetes, popular PaaS and SaaS services.
  • Good experience in developing threat models and attack trees.
  • Good understanding of application security and dev(sec)ops, the shift-left culture.
  • Some coding experience is always a plus, either with Java, JavaScript, C#, bash, python or PowerShell. You don’t need to “be a developer” but you do need to understand the implications of security on engineering velocity
  • One or more certifications such as CISSP, CISM, CISA, CompTIA, or similar is a plus.
Back to top