
Senior Security Engineer - Detection Engineering
Job Description
As a Senior Security Engineer in Tesco’s Detection Engineering team, you will lead the technical design of security-first infrastructure and deliver high-impact engineering outcomes that protect a global retail ecosystem serving millions of customers. You will translate complex threat and risk signals into resilient, testable, and automated security capabilities across Tesco’s technology landscape. This role blends deep engineering leadership with a customer-first mindset: preventing disruption, safeguarding trust, and raising the bar on engineering quality across cyber defence. You will also mentor engineers and help shape an innovation agenda that strengthens Tesco’s ability to detect and withstand sophisticated cyber threats.
- Design, build and deploy complex, high‑reliability security capabilities that offer proactive visibility into Tesco’s estate and materially reduce risk to customer services and operational continuity.
- response integration), ensuring maintainable, scalable outcomes.
- Champion secure, test‑driven engineering, including code quality, automated testing, peer review and repeatable delivery practices across the team.
- Identify opportunities and pilot AI-assisted and automation-driven approaches that improve detection lifecycle effectiveness (e.g., faster development, tuning, and quality assurance), ensuring changes deliver measurable improvements rather than novelty.
- Coach and support junior engineers, building confidence in modern development practices, problem-solving, and pragmatic security design decisions.
- Work seamlessly with Security Operations, Threat Intelligence, platform teams and product/engineering stakeholders to deliver integrated defences—communicating clearly, influencing effectively, and fostering an inclusive, high‑performing culture.
- and how to deliver production-grade solutions safely (from design through build, test, deploy, operate and improve).
- with evidence of writing clean, maintainable code or scripts and applying appropriate patterns for reliability, scalability, and operational support.
- with evidence of having developed custom detections and familiarity with working with data in an at-scale product.
- (threat-aware design, secure defaults, automated tests, and disciplined change control) and how these practices raise the quality bar across a team.
- and how they underpin detection and response outcomes (e.g., telemetry sources, detection platforms, triage workflows, and response integration).
- fundamentals at scale—how to convert hypotheses about adversary behaviour into effective detections, how to reduce noise without impacting visibility, and how to sustain quality over time.
- evidence of curiosity, continuous learning, and proactive professional development, including sharing knowledge and improving team practice.
- proven ability to foster an environment where diverse perspectives are welcomed, engineers are supported, and collaboration is the default.
- exposure to evaluating emerging techniques (including AI-assisted approaches) with sound judgement—balancing value, safety, and operational reality.
Desirable:
- Exposure to a core technology landscape and strong retail technology awareness, including how customer journeys and store/online operations shape risk.
- Demonstrable understanding of security evaluation and functionality testing, including validating controls and detections against expected outcomes.
- Cloud & container security knowledge, including common control patterns and engineering approaches to hardening cloud-native services.
- Applied AI for cyber defence familiarity (e.g., AI-assisted engineering, triage support, enrichment), and awareness of AI governance / responsible AI considerations.
- Strong research habits and data-informed decision making (using insights to tune detections, prioritise engineering effort, and quantify improvements).
- Experience working with delivery and operational tooling such as GitHub & Jira, and incident collaboration tooling such as Zendesk & xMatters.
- Experience with a query language such as SPL, KQL or SQL in a security environment.
- Communication and influencing skills across engineering, product and security stakeholders; comfort guiding decisions under ambiguity and driving change.
- Familiarity with product methodologies and security architecture concepts to help shape “secure-by-design” outcomes across teams.
You might know us as a supermarket, technology company or even for our award-winning mobile network. Truth is, we’re all of those things, and much more. Our colleagues work with one goal in mind, helping to make every day a little better for our customers, colleagues and communities all over the world. No two customers are the same, neither are our colleagues. At Tesco, we champion a balance that lets you thrive both in and out of work. Spend 60% of your week collaborating with colleagues at our office locations or local sites and the rest remotely. Whether you're just kicking off your career, juggling passions, or navigating big life events, we're here to support you. We always welcome a conversation about flexible working, so talk to us throughout your application about how we can support. We're proud to be an accredited Disability Confident Leader, where everyone’s welcome. That’s why we commit to providing a fully inclusive and accessible recruitment process. If you need support with your application, click here for more information. And if you're interested in joining our team but don't tick every box, don't let that hold you back from applying.
Hiring in countries
Ireland
United Kingdom