Security Manager - SOC

Job Description

As a Security Manager within Tesco’s Security Operations Centre (SOC), focused on transformation and change, you will lead the evolution of our cyber defence capabilities, ensuring the proactive protection of a retail ecosystem that serves millions of customers. You will empower and support the development of a high-performing team of analysts, aligning operational outcomes with Tesco’s strategic business priorities. This role is central to maintaining operational resilience whilst driving continuous change across people, process and technology. Acting as a guardian of both performance and transformation, you will enable innovation, including the responsible adoption of Artificial Intelligence (AI), to deliver a modern, customer-first cyber defence capability. This role reports to the SOC Manager and forms a key role within our Investigation & Incident Response management team.

· Lead SOC Transformation & Change: Define and deliver the SOC roadmap, ensuring new capabilities (process, tooling, AI, and operating models) are effectively scoped, implemented, and embedded without compromising operational performance.

· Drive Operational Excellence: Ensure the SOC operates at high performance, maintaining strong detection and response capability, service reliability, and measurable outcomes aligned to business risk.

· Enable Innovation: Champion the adoption of Applied AI and automation to optimise SOC workflows, reduce analyst toil, and improve the quality and speed of investigation and response.

· Develop High-Performing Teams: Lead, mentor, and grow a diverse team of security professionals, fostering a culture of inclusion, continuous learning, and engineering-led ways of working.

· Strengthen Stakeholder Engagement: Act as a senior interface between Cyber Defence, Technology, and Business stakeholders, clearly communicating risk, influencing outcomes, and aligning priorities.

· Own Service & Product Mindset: Embed a product and service-oriented approach within the SOC, ensuring changes are outcome-driven, measurable, and aligned to customer and organisational needs.

Essential

· Leadership & Team Development: Demonstrable experience leading and managing technical teams, including coaching, performance development, and building inclusive, high-performing environments.

· Strategic Thinking & Problem Solving: Proven ability to define and execute strategic roadmaps, translating complex challenges into clear, actionable plans aligned to business objectives.

· Communication & Influencing: Strong capability to communicate complex cyber risks effectively to both technical and non-technical stakeholders, influencing decisions at senior levels.

· Operational Cyber Expertise: Demonstrable understanding of threat detection and incident response practices, ensuring the SOC delivers effective, timely, and high-quality defensive outcomes.

· Change Leadership: Experience embracing and enabling change, successfully integrating new tools, processes, and operating models whilst maintaining service continuity.

· Operational Tooling Awareness: Exposure to SOC tooling such as Zendesk and xMatters, and an understanding of how workflow, escalation, and incident management processes are orchestrated.

· Applied AI Awareness: Foundational understanding of how AI and automation can be applied to cyber defence operations, particularly in improving efficiency and decision-making.

· Technical Interviewing & Talent Building: Experience in hiring and assessing technical talent, building teams that meet both current and future capability needs.

· Collaboration & Inclusion: Demonstrable commitment to fostering inclusive teams and working effectively across diverse technology and security domains.

Desirable

· Awareness of core technology landscape and retail systems, and how cyber risk translates into customer and business impact.

· Understanding of cyber incident management models and escalation frameworks across enterprise environments.

· Familiarity with core cyber defence technologies (e.g. SIEM, Endpoint Detection and Response (EDR), Security Orchestration, Automation and Response (SOAR)).

· Knowledge of cloud and container security, and modern technology architectures.

· Experience with product methodologies and service-oriented delivery models.

· Exposure to data analytics and insights to drive operational decision-making and performance improvement.

· Experience managing budgets, vendors, or procurement processes within a technical environment.

· Demonstrated curiosity, learning mindset, and contribution to professional communities.

· Awareness of responsible AI governance principles and how they apply to operational environments.

· Familiarity with engineering and development lifecycle concepts to better align security with technology delivery.

· GIAC certification and or relevant certifications such as CISSP or CISM

· A relevant degree, with professional experience.

You might know us as a supermarket, technology company or even for our award-winning mobile network. Truth is, we’re all of those things, and much more. Our colleagues work with one goal in mind, helping to make every day a little better for our customers, colleagues and communities all over the world. No two customers are the same, neither are our colleagues. At Tesco, we champion a balance that lets you thrive both in and out of work. Spend 60% of your week collaborating with colleagues at our office locations or local sites and the rest remotely. Whether you're just kicking off your career, juggling passions, or navigating big life events, we're here to support you. We always welcome a conversation about flexible working, so talk to us throughout your application about how we can support. We're proud to be an accredited Disability Confident Leader, where everyone’s welcome. That’s why we commit to providing a fully inclusive and accessible recruitment process. If you need support with your application, click here for more information. And if you're interested in joining our team but don't tick every box, don't let that hold you back from applying.