Tesco Bengaluru: We are a multi-disciplinary team creating a sustainable competitive advantage for Tesco by standardising processes, delivering cost savings, enabling agility, providing cutting-edge technological solutions and empowering our colleagues to do ever more for our customers. With cross-functional expertise in Global Business Services and Retail Technology & Engineering, a wide network of teams and strong governance we reduce complexity thereby offering high quality services for our customers. Tesco Bengaluru, established in 2004 to enable standardisation and build centralised capabilities and competencies, makes the experience better for our millions of customers worldwide and simpler for over 4,40,000 colleagues.

Tesco Technology consists of people from a number of different backgrounds, but having a common purpose to serve our shoppers a little better every day with our retail technological solutions. We shared a common interest in harnessing innovations in technology to enhance their shopping experience at Tesco stores. Whether making products, software or systems, our teams focuses on various aspects from taking strategic ownership of the architecture to delivering technological solutions such as design, testing, deployment, infrastructure, operation and security of the systems to ensure agile, smooth and safe operations. These help us to deliver the maximum business impact. Teams refine their internal processes to best fit their own needs, working to build core capabilities in application and services. We collaborate globally across teams to build end-to-end customer-facing solutions, as well as to share knowledge, experience, tools and techniques.

At Tesco, inclusion means that Everyone’s Welcome. Everyone is treated fairly and with respect; by valuing individuality and uniqueness we create a sense of belonging.
Diversity and inclusion have always been at the heart of Tesco. It is embedded in our values: we treat people how they want to be treated. We always want our colleagues to feel they can be themselves at work and we are committed to helping them be at their best.
Across the Tesco group we are building an inclusive workplace, a place to actively celebrate the cultures, personalities and preferences of our colleagues – who in turn help to build the success of our business and reflect the diversity of the communities we serve.

About the role
Our 20-person Security Architecture team supports hundreds of developers deploying cross
cloud, using cutting edge technologies, and at scale. We have a new role to provide
additional support for one of our product domain. The engineering teams are responsible
for their own security, so we need to act differently than a traditional security team. We’re
partners, not security police.. and we go as far as calling ourselves as Security Partners, not
Security Architect or Consultant.
Our engineering teams have tremendous freedom in their work and the corresponding
responsibility to do the right thing for our customers. Instead of controlling our engineering
teams with process and security gates, we enable them to innovate by providing security
advice to make the right decisions for Tesco. The good news is that our engineering teams
are (usually) willing partners in doing better security, more efficiently and earlier in the
process. We want you to help us scale out this security engagement.
So…why Tesco?
There is a huge amount of technology needed to serve our customers well, and the diversity
and scale of our projects means wildly different security challenges. Some current major
initiatives include
• Our strategic goals to move away from off-the-shelf spaghetti software to Tesco developed
and managed platforms. Tesco retail platform is a great example!
• We’re the original big data company in the UK. Tesco Clubcard has been going for 25 years
and we’re heavily data driven
• We’ve a large multi-cloud service-mesh initiative underway. Dead simple if you’re just doing
it on a single k8s cluster, but much harder at our scale and with polyglot tech stacks
• We are heavily invested in revamping and increasing the network security tooling and
monitoring for our on-prem, private and public cloud
• We are building our next-generation on-prem private cloud hyper converged infrastructure
platform
• We’re investing heavily in AI/ML in areas such as computer vision and natural language
processing to better support our customer channels
• We’ve a great network and systems (infrastructure) engineering team developing tooling to
improve security at scale, and who you will be working closely with
• And we’ve a great application security engineering team developing tools to improve
security at scale, and who you will be working closely with
Tesco has fully embraced devops and agile methods to develop our enterprise APIs, services
and cloud capabilities. Our 100+ delivery teams have loads of Docker, Kubernetes and
microservices galore across Azure and AWS, so our security approach must work with
elastic, here today, gone tomorrow infrastructure. Our security approaches should be eventdriven,
real-time and effective. Weekly scans are so 2010.

You might think that retail is a bit slow and sleepy, but we’re doing some cool stuff.

You will be responsible for
Developing a strong security partnership with a domain under Tesco Technology
These roles are about transforming the way security is delivered within the domains and
Engineering teams. We have different security challenges, and this role is to help teams
navigate that change successfully. The boundary between infrastructure and application has
virtually disappeared and being secure means support through the entire SDLC – from
creating requirements to threat modelling during design, performing application
assessments to production and ops.
On a day-to-day basis you will
• Champion positive security change within the teams you support. Teams will look to you to
for direction and guidance on all security matters but there’s a whole security organisation
to back you up, so that’s not as scary as it sounds
• Help product teams deliver new business features securely, while balancing and clearly
articulating technical and business risk
• You will be expected to drive the deployment/integration of security capabilities into the
engineering teams within the product domain. Reducing friction is paramount and we’re all
about fast feedback within existing workflows, not adding another console for a developer to
check
• Support teams in a collaborative manner in matters of application, cloud and data security,
with threat modelling, risk treatment and security advice across all security domains. If you
can raise a PR (Pull Request) to fix a security issue, do so
• Effectively manage cross-functional internal and external team collaboration, and
communications
• Utilize a wide array of security platforms, protocols, tools, and technologies.
• Excellent interpersonal, facilitation, and leadership skills along with effective
communication (both written and verbal) skills.
Longer-term, the nature of the role also means you are expected to identify new problem
spaces, propose fixes and engage across disciplines. In other words, we want you to
innovate and will give you the room to do so. If you can think of ways to do security, faster,
more accurately, with greater consistency and at scale while minimising friction, you’ll be
supported all the way.
What the role isn’t…
You won’t be selecting and deploying commercial endpoint solutions, building SOC (Security
Operations Centre) capabilities or doing much in the IAM or networking space. We have
engineering and operational teams for all those sorts of things. We have a security
architecture framework to work within, but you won’t get told how to perform the role, it’s
yours to shape in whatever way works best for your product and engineering stakeholders.

You will need
Technical
To excel in this position, we expect you to have the following:
• 12 years of work experience with a bachelor’s degree or at least 10 years of work experience
with an master degree (e.g. Masters/MBA)
• A minimum of 5 years of experience in the security engineering and related areas.
• Solid security experience across common security domains. The technology might have
changed but most of the security challenges haven’t
• Familiarity with complex global cybersecurity infrastructure designs preferred
• A thorough understanding of modern application development practices so that new
security capabilities can be introduced while minimising developer friction
• Hands-on experience with complex Azure and AWS architectures with an emphasis on
containerised workloads in k8s. Command-line/API experience is highly desirable as
security automation is a strategic priority
• Some coding experience in something - Java, JavaScript, C#, bash, python or PowerShell. You
don’t need to “be a developer” but you do need to understand the implications of security on
engineering velocity
• One or more certifications such as CISSP, CEH, CISM, CISA, CompTIA, CCNA, CCNP, and
similar ones

If you’ve got AWS and Azure certifications, great! If you have only one, we’ll train you in the other. If you have neither, that’s a more challenging conversation, but may not be a showstopper if you stand out in other areas.

The human side
Tesco places a great emphasis on our colleague culture. We’re a highly collaborative
company and you can expect to deal with multiple teams with different ways of
working. Our goal is to be an enabling team, so being able to adapt your style to better
support engineering teams will speed success. One of our core principles is “we treat people how they want to be treated” so empathy and understanding, along with self-motivation are genuinely as important as technical skills. In short, you like dealing with people and building strong professional relationships.

Cyber Security Network Security Information Technology Infrastructure and Public Cloud.

B.E/B.Tech or M.E/M.Tech/MCA/MSc in Engineering stream 

Important Notice: 

On behalf of Tesco Bengaluru, we must caution all job seekers and educational institutions that Tesco Bengaluru does not authorise any third parties to release employment offers or conduct recruitment drives via a third party. Hence, beware of inauthentic and fraudulent job offers or recruitment drives from any individuals or websites purporting to represent Tesco. Further, Tesco Bengaluru does not charge any fee or other emoluments for any reason (including without limitation, visa fees) or seek compensation from educational institutions to participate in recruitment events. 

Accordingly, please check the authenticity of any such offers before acting on them and where acted upon, you do so at your own risk. Tesco Bengaluru shall neither be responsible for honouring or making good the promises made by fraudulent third parties, nor for any monetary or any other loss incurred by the aggrieved individual or educational institution. 

In the event that you come across any fraudulent activities in the name of Tesco Bengaluru, please feel free report the incident at [email protected]