Tesco UK • Welwyn Garden City • Full-Time • Temporary • Apply by 21-Sep-2025

Overview

As a Junior Cyber Security Detection Engineer, you will contribute to the continuous improvement of Tesco's cyber security detection capability. You will understand the changing threat landscape, identify opportunities for improvement in existing detections, contribute to the detection lifecycle process, and ensure appropriate detection coverage for the organisation. You will work alongside multiple teams within the Cyber Defence Function, including supporting other Detection Engineers in a fast paced and agile environment.

Benefits

• Annual bonus scheme of up to 10% of base salary
• Holiday starting at 25 days plus a personal day (plus Bank holidays)
• 26 weeks maternity and adoption leave (after 1 year’s service) at full pay, followed by 13 weeks of Statutory Maternity Pay or Statutory Adoption Pay, plus 4 weeks fully paid paternity leave
• Free 24/7 virtual GP service, Employee Assistance Programme (EAP) for you and your family, free access to a range of experts to support your mental wellbeing

Responsibilities

• Contribute to the cyber security detection capability both day-to-day and strategically for the Tesco Group.
• Identify effective and comprehensive detection logic and capability; ensure detections are robust and not brittle.
• Prioritise the needs of operational teams and incident responders; ensure detections and alerts are relevant, of value, and include practical response steps as part of Detection Review & Tuning processes.
• Ensure detection capability is fit for on-premises, private, and public cloud environments, at scale across a diverse range of asset types.
• Provide support during cyber security incidents, participate in threat hunts, and collaborate with other security teams to deliver automation and standardisation to improve efficiency and response.

What you will need

• Security Engineering Skills
• Threat Led: Ability to assess and validate information on cyber and information security threats to the business; translate information into tangible actionable data.
• Secure & Test-Driven Engineering: Knowledge of threat frameworks such as MITRE ATT&CK and Lockheed Martin Kill Chain; ability to specify/implement processes to maintain security during a component/product/system lifecycle; contribute to security evaluation of threats/vulnerabilities; apply evaluation/testing methodologies to detector content reviews.
• Research: Ability to define research goals to generate worthwhile detection ideas and summarise findings for wider teams.

Experience

• An ability to develop queries and enable robust detection of threats.
• Working knowledge of Windows, macOS or Linux.
• Ability to work independently and as part of a team.
• Aware of modern attacker TTPs; translate threat intelligence into actionable searches & recommendations.
• Understanding of detection technologies such as SIEM, EDR; strong security concepts and an interest in cyber security.
• Analytical problem-solving skills and experience working on production systems at scale.
• Query languages such as KQL, SPL, SQL, etc.

Desirable Skills and Experience

• Knowledge of cloud infrastructure, cloud security, and cloud APIs.
• Knowledge of attacker tools and evasion techniques within offensive engineering.
• Working knowledge of at least one major programming language, including scripting languages like Python and PowerShell.
• Experience developing detections and using version control systems (e.g. GitHub) for code maintenance.

About us

Our vision at Tesco is to become every customer's favourite way to shop, whether they are at home or out on the move. Our core purpose is “Serving our customers, communities and planet a little better every day.” Serving means more than a transactional relationship with our customers; it means acting as a responsible and sustainable business for all stakeholders, for the communities we are part of and for the planet.

We are proud to have an inclusive culture at Tesco where everyone truly feels able to be themselves. We celebrate diversity and are committed to creating a workplace where differences are valued and all colleagues have the same opportunities. We’re proud to be accredited Disability Confident Leader and provide an accessible recruitment process. For accessibility support, please click here.

We are a large organisation offering diverse full-time and part-time patterns across our business areas, with blended office and remote working. If you are applying internally, please speak to the Hiring Manager about how this can work for you. Everyone is welcome at Tesco.