
Job Description
The Security Engineer III role focused on Infrastructure Security is responsible for overseeing and shaping security controls across core infrastructure platforms. This role focuses on securing virtual machines, container platforms, infrastructure as code, and desired state configuration technologies across on-premises and cloud environments.
The engineer works closely with infrastructure and cloud teams to ensure security is embedded into infrastructure services by design. They act as a senior technical specialist, driving security improvements, reducing risk through automation, and helping establish secure engineering practices.
• Secure Infrastructure Platforms: Implement and maintain security controls for virtual machine platforms, container environments, operating systems, and cloud infrastructure
• Infrastructure as Code Security: Develop and maintain security standards, policies, and guardrails for infrastructure delivered through Terraform, Bicep, or similar IaC technologies.
• Container & Kubernetes Security: Build and enhance security capabilities across container platforms, including image security, workload protection, runtime controls, admission policies, and Kubernetes hardening.
• Desired State Configuration & Platform Hardening: Define and maintain secure configuration baselines for Windows, Linux, containers, and cloud services using technologies such as Ansible or equivalent platforms.
• Security Automation: Develop automation and engineering solutions that improve prevention, detection, remediation, compliance validation, and operational efficiency.
• Secure Platform Design: Partner with infrastructure and platform engineering teams to provide security guidance, and ensure secure-by-design implementation.
Essential
• Infrastructure Security Expertise: Strong hands-on experience securing enterprise infrastructure platforms, including Windows, Linux, VMware, cloud platforms, and hybrid environments.
• Virtualisation Security: Experience securing virtual machine environments including platform hardening, configuration management, and workload protection.
• Container Security: Deep understanding of container and Kubernetes security principles, including image security, workload isolation, runtime protection, secret management, and cluster hardening.
• Infrastructure as Code: Proven experience developing and securing infrastructure using Terraform, Bicep or equivalent IaC technologies.
Desirable
- Experience with Kubernetes platforms such as AKS, EKS, OpenShift, or Tanzu.
- Experience implementing policy-as-code using technologies such as OPA Gatekeeper, Kyverno, Sentinel, or Azure Policy.
- Familiarity with supply chain security practices, software bill of materials (SBOM), and artifact security.
You might know us as a supermarket, technology company or even for our award-winning mobile network. Truth is, we’re all of those things, and much more. Our colleagues work with one goal in mind, helping to make every day a little better for our customers, colleagues and communities all over the world. No two customers are the same, neither are our colleagues. At Tesco, we champion a balance that lets you thrive both in and out of work. Spend 60% of your week collaborating with colleagues at our office locations or local sites and the rest remotely. Whether you're just kicking off your career, juggling passions, or navigating big life events, we're here to support you. We always welcome a conversation about flexible working, so talk to us throughout your application about how we can support. We're proud to be an accredited Disability Confident Leader, where everyone’s welcome. That’s why we commit to providing a fully inclusive and accessible recruitment process. If you need support with your application, click here for more information. And if you're interested in joining our team but don't tick every box, don't let that hold you back from applying.
Company benefits
Working at Tesco
Company employees:
Gender diversity (m:f):
Hiring in countries
Ireland
United Kingdom
Office Locations
Other jobs you might like
Senior Cyber Security Engineer
$131,000 – $271,600 per annum
Reston, US
Security Engineer II
Welwyn Garden City, UK
Sovereign Cloud Security Engineer Expert
$220,200 – $374,200 per annum
Reston, US