Senior Security Analyst - Vulnerability Management

About the role

Tesco Technology is seeking a Senior Security Analyst to join the Vulnerability Management team. This role offers an exciting opportunity for a security-focused individual to contribute to a large and complex organization. The successful candidate will be hands-on, focusing on the availability and reliability of data and reporting, and will collaborate with other teams to enhance prevention, detection, and remediation capabilities. The primary responsibility is to provide actionable insights into the security posture of systems and platforms, prioritizing remediation efforts and ensuring effective security controls across on-premises and public environments.

What is in it for you

We offer excellent benefits, including:

• An annual bonus scheme up to 20% of base salary
• Colleague Clubcard with a 2nd card for a family member after 6 months, with 10% off most purchases at Tesco
• Holiday entitlement starting at 25 days plus a personal day
• A retirement savings plan with 4%-7.5% contributions
• Life Assurance - 5x contractual pay
• Buy As You Earn and Save As You Earn schemes
• Deals & discounts through Tesco and external partners

You will be responsible for

• Maintaining vulnerability scanning platforms and analyzing vulnerabilities
• Prioritizing remediation efforts based on risk
• Collaborating with engineering teams to remediate issues
• Building reporting capabilities for stakeholders and leadership
• Data correlation and trend analysis
• Reviewing submissions from Bug Bounty programs
• Developing guardrails and standards to reduce vulnerabilities

You will need

• Diverse experiences and a culture of collaboration and innovation
• Proactivity and independence in operations
• Resilience and ownership of issues
• A passion for technology
• At least 4 years of experience in IT Security
• Experience with security incidents, vulnerability scanning tools like Qualys and Tenable
• Ability to assess vulnerability criticality and risk
• Expertise in networking, web services, and application testing
• Knowledge of DNS and network controls
• Up-to-date threat intelligence skills
• Experience in risk reporting and audit documentation

About us

Our vision at Tesco is to become every customer's favorite way to shop. Our core purpose is 'Serving our customers, communities, and planet a little better every day'. We value diversity, equity, and inclusion, and are committed to an accessible, inclusive recruitment process. We offer flexible working patterns and a blended approach of office and remote work, fostering collaboration and innovation.