Security Analyst II
- Full-time
- Technology CF Job Family: Security
- Group Function: Tesco Technology
Company Description
Tesco Bengaluru: We are a multi-disciplinary team creating a sustainable competitive advantage for Tesco by standardising processes, delivering cost savings, enabling agility, providing cutting-edge technological solutions and empowering our colleagues to do ever more for our customers. With cross-functional expertise in Global Business Services and Retail Technology & Engineering, a wide network of teams and strong governance we reduce complexity thereby offering high quality services for our customers. Tesco Bengaluru, established in 2004 to enable standardisation and build centralised capabilities and competencies, makes the experience better for our millions of customers worldwide and simpler for over 4,40,000 colleagues.
Tesco Technology consists of people from a number of different backgrounds, but having a common purpose to serve our shoppers a little better every day with our retail technological solutions. We shared a common interest in harnessing innovations in technology to enhance their shopping experience at Tesco stores. Whether making products, software or systems, our teams focuses on various aspects from taking strategic ownership of the architecture to delivering technological solutions such as design, testing, deployment, infrastructure, operation and security of the systems to ensure agile, smooth and safe operations. These help us to deliver the maximum business impact. Teams refine their internal processes to best fit their own needs, working to build core capabilities in application and services. We collaborate globally across teams to build end-to-end customer-facing solutions, as well as to share knowledge, experience, tools and techniques.
At Tesco, inclusion means that Everyone’s Welcome. Everyone is treated fairly and with respect; by valuing individuality and uniqueness we create a sense of belonging.
Diversity and inclusion have always been at the heart of Tesco. It is embedded in our values: we treat people how they want to be treated. We always want our colleagues to feel they can be themselves at work and we are committed to helping them be at their best.
Across the Tesco group we are building an inclusive workplace, a place to actively celebrate the cultures, personalities and preferences of our colleagues – who in turn help to build the success of our business and reflect the diversity of the communities we serve.
Tesco Technology consists of people from a number of different backgrounds, but having a common purpose to serve our shoppers a little better every day with our retail technological solutions. We shared a common interest in harnessing innovations in technology to enhance their shopping experience at Tesco stores. Whether making products, software or systems, our teams focuses on various aspects from taking strategic ownership of the architecture to delivering technological solutions such as design, testing, deployment, infrastructure, operation and security of the systems to ensure agile, smooth and safe operations. These help us to deliver the maximum business impact. Teams refine their internal processes to best fit their own needs, working to build core capabilities in application and services. We collaborate globally across teams to build end-to-end customer-facing solutions, as well as to share knowledge, experience, tools and techniques.
At Tesco, inclusion means that Everyone’s Welcome. Everyone is treated fairly and with respect; by valuing individuality and uniqueness we create a sense of belonging.
Diversity and inclusion have always been at the heart of Tesco. It is embedded in our values: we treat people how they want to be treated. We always want our colleagues to feel they can be themselves at work and we are committed to helping them be at their best.
Across the Tesco group we are building an inclusive workplace, a place to actively celebrate the cultures, personalities and preferences of our colleagues – who in turn help to build the success of our business and reflect the diversity of the communities we serve.
Job Description
Security Analyst II (IAM) – Application Controls
About the Cyber Security Team
Our cyber security team are the eyes and ears of our organisation. We use the latest technologies to increase visibility and protection of systems services and data. To do this we need to stay ahead of the latest threats and continuously improve our tooling techniques and processes.
Responsible for developing and running security processes day-to-day for the Tesco Group we’re continually working to step change security capability to further enhance the protection and controls that we offer for our customers and colleagues across the UK Europe and Asia and we’re looking to add great people to our growing team.
We believe that skilled and passionate people are our greatest asset in reducing risk to our business and customers. We encourage and support continual development and learning and recognise the importance of keeping up with changes in technology and an evolving threat landscape.
About The Identity and Access Management (IAM) Team
With 440 000 people working across the Tesco group managing access levels as colleagues join move and leave presents a significant scale challenge. We’re working to ensure access to our applications servers and databases remains appropriate and in line with policy across our estate.
The Identity and Access Management team is made up of Security Analysts Product Managers Engineers and Operations Analysts working across the Tesco group to improve our IAM controls throughout the colleague lifecycle. We’re responsible for ensuring key controls are in place encompassing joiner/mover/leaver access requests reviews and the contingent worker lifecycle.
About the role
As a Security Analyst II specialising in applications you will be responsible for ensuring compliance with security policies across our application estate notably key financial controls applications.
As Tesco is a fast-moving organisation our technical environment is always evolving. Security Analysts are key engagement points for application teams to ensure ongoing compliance and advise on IAM standards for newly developed/purchased applications.
This role will require the candidate to work with both Operations Engineering and Product teams across the Tesco group in order to investigate understand and remediate non-compliant accounts in line with policy covering orphan accounts management leaver controls unauthorised access provisioning mover management and user entitlement reviews (UER).
You will also work with local Engagement Managers in the IAM team to understand analyse and implement roles-based access requirements where required.
This role will support the Access Control team in advanced queries relating to application access controls and will be responsible for ensuring that the UER cycle defined in security policy is delivered.
A background in applying application access controls at scale is important for this role; an understanding of typical application authorisation models is key.
Key Skills and Experience
You’ll need to have demonstrated experience of:
-Working to establish access controls in applications with large user bases.
-Experience managing ongoing controls for financial applications.
-Experience running UER (review) cycles across multiple applications.
-A working understanding of common application authorisation models.
-Strong written and verbal communication skills: articulating insight gained through data analysis to others; making recommendations for next steps and remedial actions/improvements.
-Reporting progress to stakeholders on a regular basis.
-Experience working with teams across countries.
-A broad understanding of security concepts; an interest and passion for Cyber Security.
-An ability to effectively prioritise your work given conflicting demands.
-Showing consistently high energy levels; aspiring to make a significant difference over and above your core responsibilities.
-Bachelors degree or demonstrable experience required; postgraduate degree desirable
About the Cyber Security Team
Our cyber security team are the eyes and ears of our organisation. We use the latest technologies to increase visibility and protection of systems services and data. To do this we need to stay ahead of the latest threats and continuously improve our tooling techniques and processes.
Responsible for developing and running security processes day-to-day for the Tesco Group we’re continually working to step change security capability to further enhance the protection and controls that we offer for our customers and colleagues across the UK Europe and Asia and we’re looking to add great people to our growing team.
We believe that skilled and passionate people are our greatest asset in reducing risk to our business and customers. We encourage and support continual development and learning and recognise the importance of keeping up with changes in technology and an evolving threat landscape.
About The Identity and Access Management (IAM) Team
With 440 000 people working across the Tesco group managing access levels as colleagues join move and leave presents a significant scale challenge. We’re working to ensure access to our applications servers and databases remains appropriate and in line with policy across our estate.
The Identity and Access Management team is made up of Security Analysts Product Managers Engineers and Operations Analysts working across the Tesco group to improve our IAM controls throughout the colleague lifecycle. We’re responsible for ensuring key controls are in place encompassing joiner/mover/leaver access requests reviews and the contingent worker lifecycle.
About the role
As a Security Analyst II specialising in applications you will be responsible for ensuring compliance with security policies across our application estate notably key financial controls applications.
As Tesco is a fast-moving organisation our technical environment is always evolving. Security Analysts are key engagement points for application teams to ensure ongoing compliance and advise on IAM standards for newly developed/purchased applications.
This role will require the candidate to work with both Operations Engineering and Product teams across the Tesco group in order to investigate understand and remediate non-compliant accounts in line with policy covering orphan accounts management leaver controls unauthorised access provisioning mover management and user entitlement reviews (UER).
You will also work with local Engagement Managers in the IAM team to understand analyse and implement roles-based access requirements where required.
This role will support the Access Control team in advanced queries relating to application access controls and will be responsible for ensuring that the UER cycle defined in security policy is delivered.
A background in applying application access controls at scale is important for this role; an understanding of typical application authorisation models is key.
Key Skills and Experience
You’ll need to have demonstrated experience of:
-Working to establish access controls in applications with large user bases.
-Experience managing ongoing controls for financial applications.
-Experience running UER (review) cycles across multiple applications.
-A working understanding of common application authorisation models.
-Strong written and verbal communication skills: articulating insight gained through data analysis to others; making recommendations for next steps and remedial actions/improvements.
-Reporting progress to stakeholders on a regular basis.
-Experience working with teams across countries.
-A broad understanding of security concepts; an interest and passion for Cyber Security.
-An ability to effectively prioritise your work given conflicting demands.
-Showing consistently high energy levels; aspiring to make a significant difference over and above your core responsibilities.
-Bachelors degree or demonstrable experience required; postgraduate degree desirable
Qualifications
Working knowledge on access controls in applications with large user bases experience managing ongoing controls for financial applications compliance on IAM standards. Good knowledge of SQL. Scripting Language desirable (Python PowerShell)