Senior Incident Responder (DFIR)

Social network you want to login/join with:

col-narrow-left

Other

-

Yes

col-narrow-right

1a339c4c5afd

46

12.08.2025

26.09.2025

col-wide

Tesco UK • Welwyn Garden City • Full-Time • Apply by 23-May-2025

Our Digital Forensics and Incident Response (DFIR) team leads the technical investigation and response to security incidents at Tesco. As part of this team, you’ll work alongside our security operations, threat intelligence, and security engineering teams to protect, detect, and respond to security threats across Tesco’s diverse and evolving estate.

You’ll apply your deep technical knowledge and critical thinking ability to investigate and understand the full extent of security incidents and threats. Your ability to distil and clearly convey technical information will allow you to provide the key contextual information to decision makers that enables them to make informed decisions.

As a senior position, when you’re not investigating security incidents, you’ll have the freedom to leverage your knowledge and real-world experience to help improve and automate the team’s technical workflows, working alongside other teams to help drive innovation across our prevention, automation, detection, and response capabilities. Your status as a senior incident responder means you’ll serve as a role model for engineers and analysts across Security Operations.

We’re all about the little helps. That’s why we make sure our Tesco colleague benefits package takes care of you – both in and out of work. To find out more!

• Annual bonus scheme of up to 20% of base salary
• Holiday starting at 25 days plus a personal day (plus Bank holidays)
• Private medical insurance
• 26 weeks maternity and adoption leave (after 1 year's service) at full pay, followed by 13 weeks of Statutory Maternity Pay or Statutory Adoption Pay, and 4 weeks fully paid paternity leave
• Free 24/7 virtual GP service, Employee Assistance Programme (EAP) for you and your family, free access to a range of experts to support your mental wellbeing

• Investigation and Response: Perform host, network, and cloud-based forensic analysis to understand the full extent of security incidents and take appropriate response actions to contain, remediate, and recover.
• Incident Handling: Support cyber-security incident managers and decision makers with root cause analysis and formulating recommendations for detection and prevention controls.
• Technical Project Work: Use your technical capabilities to enhance our existing processes as well as identifying and working on new methods to deliver DFIR services to the ever-changing technology requirements of the business.
• Threat Hunting & Detection Engineering: Lead intelligence-based threat hunts to uncover anomalous behaviour in our estate that is representative of the security threats most relevant to Tesco, testing and raising potential detections to contribute to our internal detection engineering programme

• 4+ years of relevant experience.
• Experience with responding to security incidents in large scale corporate on-premises and public cloud environments (preferably Microsoft Azure).
• Experience with forensic analysis of cyber-security incidents on Windows, MacOS, and Unix operating systems and in-depth understanding of those operating systems.
• Experience with a broad range of security technologies such as EDR, SOAR, and SIEM.
• Proficiency in at least one programming or scripting language: Python or PowerShell.
• Ability to think critically and lead technical investigations.
• Ability to handle high pressure situations in a calm, productive, and professional manner.
• Experience with static and dynamic file/malware triage desirable.

Our vision at Tesco is to become every customer's favourite way to shop, whether they are at home or out on the move. Our core purpose is ‘Serving our customers, communities and planet a little better every day’. Serving means more than a transactional relationship with our customers. It means acting as a responsible and sustainable business for all stakeholders, for the communities we are part of, and for the planet.

We are proud to have an inclusive culture at Tesco where everyone truly feels able to be themselves. We not only celebrate diversity but recognize the value and opportunity it brings. We're committed to creating a workplace where differences are valued, and all colleagues are given the same opportunities.