|Job Title:||Security Architect|
|Job Published:||January 15, 2021 18:33|
Our security architects areexpected to provide technical expertise on matters pertaining to information security, as well as being an active members of the security architecture team. The development of strong relationships across the business, is essential in enabling a good understanding of technology changes and in order to be in a position to influence ideas, initiatives and designs early on. Additionally you will contribute to Tesco's enterprise security architecture ensuring it is fit for purpose against current threats and aligned to the business risk appetite.
You will be responsible for It is expected that you will support the delivery of secure systems through proactive engagement with software engineering teams, infrastructure teams and the business as a whole. You will assist in the identification of security risks that are present within Tesco technologies and ensure that these are mitigated in accordance with Tesco policies and standards wherever possible, whilst articulating residual risks to the business for treatment and tracking. You will manage the end-to-end formal security architecture processes, engaging external resources where necessary, removing or minimising delay to the business and commissioning, tracking remedial work identified as being required. You will also provide guidance on information security to other architects, developers and the wider Tesco business to enable informed decisions to be taken.
This role would suit someone with an application security/development background with experience in Security Architecture, to include:
Good knowledge of threat modelling methodologies such as STRIDE, VAST, DREAD, etc.
Experience of working with diverse project management styles, (Agile, waterfall).
Good working knowledge of the secure software development lifecycle and associated tooling.
Experience of working with cloud technologies, (hybrid, Azure, AWS).
Ability to assess the impact of change in a complex environment.
Experience of security governance and compliance (GDPR, PCI-DSS, ISO27001).
Strong understanding of the penetration testing lifecycle, (scope, conduct, analysis, client delivery).
Good understanding of network security, protocols and controls.
Good knowledge of encryption protocols ad PKI.
An excellent level of attention to detail and a strong sense of ownership.
Ability to articulate complex technical or sensitive issues to a wide audience is essential.
Ability to work both individually with minimal supervision in addition to working with large teams on projects of varying complexity.
Our vision here at Tesco is to become every customer's favourite way to shop, whether they are at home, out shopping, on the move, anywhere in the world. We want our customers to be inspired and whatever they are looking for, we're finding bigger and better ways to provide it. Everything is underpinned by our continuous drive for the best tools and technology to deliver our vision. We're driving innovation and transforming our Technology to become the world's leading retailer. We need people who share our ambition to deliver for our customers; Passionate and confident people willing to take the initiative and drive us forwards. In return we offer excitement, a great team, an excellent benefit package, and significant career development opportunities. Joining us means playing a part in defining; building and launching an ambitious roadmap of digital products that could affect the lives of millions of people over the years to come. If that sounds exciting then we'd love to hear from you.