
Salary: Competitive Plus Benefits
Location: Coventry Store Support Centre - Ansty Park and Home, Coventry, CV7 9RD
Contract type: Permanent
Business area: Sainsbury's Tech
Closing date: 01 October 2024
Requisition ID: 258340

We’d all like amazing work to do, and real work-life balance. That’s waiting for you at Sainsbury’s. Think about the scale it takes for us to feed the nation. The level of data, transactions and variety it involves. Then you’ll realise that ours is a modern software engineering environment because it has to be. We’ve made serious investment into a Tech Academy and into setting standards and principles. We iterate, learn, experiment and push ways of working such as Agile, Scrum and XP. So you can look forward to awesome opportunities in everything from AI to reusable tech.

Job Title / Role

Lead Information Security Analyst

Reporting to

Information Security Manager – Sainsbury’s

Division/Dept

Data Governance and Information Security (DGIS)

Location

Coventry, Holborn, Manchester (Flexible)

In a nutshell

As Sainsbury’s continues to innovate and evolve the products we offer our customers, being the most trusted retailer is key. We integrate with multiple third parties and vendors and have a multi-cloud strategy to provide value and availability.

You will work with a small team of 4-5 Information Security Analysts. As a key member of the team, you will manage your own workload of InfoSec-related work for which you are personally responsible, whilst helping to manage and resolve complicated business and technical issues arising from the work of your colleagues.

The daily job is varied and involves reviewing and recommending improvements to security architecture, highlighting privacy concerns, engaging with Engineers and business stakeholders to ensure they are working within Sainsbury’s policies, and tracking and managing vulnerabilities to ensure they are remediated within the business SLAs.

The ideal candidate will have significant (8+ years) experience working within Information or Cyber Security and be passionate about continuous professional development. If successful at interview, you will be asked to provide recent, industry-respected certificates to demonstrate your ongoing education.

Whilst this role isn’t ‘hands-on’, candidates are expected to have an in-depth knowledge of security technologies and how these are integrated in monolithic and microservice architectures.

What you need to do

  • Provide technical, procedural and policy advice to business stakeholders and Engineers with sufficient detail
  • Review requests to ensure they comply with company policy and best security practice prior to approval
  • Conduct in-depth risk assessments and threat modelling alongside producing detailed documentation
  • Present findings to management alongside recommendations on how to secure our systems
  • Advocate for innovative security solutions through persuasive quantitative evidence and presentation
  • Mentor, engage and help educate junior and senior colleagues across the InfoSec family
  • Lead strategic initiatives to ensure cybersecurity is integrated at all phases across the business
  • Ensure that risks have been raised and be able to comprehensively explain the issues
  • Provide subject matter expertise in the InfoSec domain in which you are an expert
  • Evaluate requests from our suppliers to ensure they are fit for purpose
  • Deliver weekly reporting to management and other stakeholders
  • Co-ordinate complex incident response and recovery, working closely with Engineers and SOC colleagues
  • Provide support to the Information Security Manager

What you need to know and show

  • A strong technical understanding of security to ensure systems are designed and built securely and to help continually improve our security posture
  • Experience of working in a hybrid on-premises Active Directory / Microsoft Entra Domain Services environment
  • Clear understanding of common Identity and Access Management topics, such as Privileged Access, Single Sign-On, Conditional Access, Cloud Access Security Brokers and options for Workload Identities
  • Familiarity with common Mobile Device and Endpoint Management solutions
  • An understanding of the Microsoft Defender suite of products
  • Awareness of Email and Web Security Gateway technologies
  • Ability to understand the operation of corporate networks and firewall solutions, including Wide Area Network considerations for multi-site deployments (including international)
  • Ability to assess the security of purchased Software-as-a-Service products
  • Understanding of administering the core Microsoft 365 suite of applications (e.g. Office, SharePoint, Teams, Viva, apps and plug-ins)
  • Knowledge of other Microsoft enterprise services, such as Power Platform and Purview
  • Familiarity with AI tooling such as Microsoft 365 Copilot, Security Copilot and GitHub Copilot
  • Experience with other common productivity and collaboration tools, such as Confluence, Miro and the Adobe Cloud Suite
  • Proficiency in Information and Records Management (e.g. retention periods / policies) and Data Loss Prevention, including previous experience with tooling to support such initiatives
  • Ideally, some experience with Virtual Desktop services and various workstation deployment options (e.g. thin client, kiosk)
  • Awareness of common hosting infrastructure options, such as hypervisor services and edge computing deployments
  • Ability to understand and assess integrations between systems through methods such as APIs, process automation or batch processing
  • Nice to have: knowledge of AWS, Azure, Oracle, GCP and SAP clouds
  • Risk Management experience and understanding of Risk Management Frameworks
  • Strong analytical and report-writing skills
  • Appreciation of containerisation technologies such as Docker and Kubernetes
  • Experience with logging, monitoring, load balancing / proxies and API gateways
  • Working knowledge of GitHub, Jenkins, Ansible, Chef and Puppet
  • In-depth knowledge of the OWASP Top 10, MITRE ATT&CK, the NIST frameworks, PCI DSS and the Cyber Kill Chain
  • Familiarity with PAM, EDR, AV, IPS, SIEM, WAF and DLP technologies
  • The ability to verify solutions and gain assurance that they are fit for purpose through demonstrable evidence of controls and testing
  • Strong understanding of the changing threat landscape and how this may affect our systems
  • The ability to challenge concerns and report through appropriate channels
  • Self-drive, motivation and the ability to work independently to deliver expected outcomes
  • Excellent teamwork and problem-solving skills, blending technical knowledge with business requirements
  • In-depth understanding of data and security risks in a large enterprise

Desirable Qualifications

Preferred: a graduate in computer science or cybersecurity, and:

• One or more of the following security qualifications (in-date):
  • CompTIA Security+ / CySA+ / CASP+
  • GIAC GX-CS / GCIA / GX-IH / GX-IA
  • Offensive Security Certified Professional (OSCP)

• One or more of the following technical qualifications (in-date):
  • Certified Kubernetes Security Specialist (CKS)
  • CompTIA Linux+ / LPIC-3 / Red Hat Certified Engineer (RHCE)
  • CompTIA Network+ / Cisco Certified Network Associate / Professional (CCNA or CCNP)
  • Terraform Associate / Terraform Authoring and Operations Professional
  • Vault Associate / Vault Operations Professional / Consul Associate
  • MongoDB Certified Associate (Developer / Administrator / Data Modeler)

• One or more of the following governance qualifications (in-date):
  • Certified Information Systems Security Professional (CISSP)
  • Certified Information Security Manager (CISM)
  • Certified AI Governance Professional (AIGP)
  • Certified NIST Cybersecurity Framework Lead Implementer (CSF LI)

• One or more of the following cloud qualifications (in-date):
  • CompTIA Cloud+
  • Certified Cloud Security Professional (CCSP)
  • Certificate of Cloud Security Knowledge (CCSK)
  • Microsoft Certified: Azure Fundamentals / AWS Cloud Practitioner
  • Microsoft Certified: Identity and Access Administrator Associate
  • Microsoft Certified: Cybersecurity Architect Expert
  • Microsoft Certified: Azure Security Engineer Associate
  • Google Professional Cloud Security Engineer / Cloud Developer
  • Certificate of Competence in Zero Trust (CCZT)

As well as lots of on-the-job training and endless opportunities, in return you’ll also enjoy:

  • Flexible working – a tailored approach to balance working from home and collaboration in the office, sensible freedom to shape your working week and day, and offices in different locations
  • Colleague discount across our brands – Sainsbury’s, Argos and Habitat
  • Health cover
  • Holiday allowance
  • Bonus scheme
  • Pension plan
  • Special offers on gym memberships, restaurants, holidays, retail vouchers and more

We are committed to being a truly inclusive retailer, so you’ll be welcomed whoever you are and wherever you work. Around here, there’s always the chance to try something new - whether that’s as part of an evolving team or somewhere else across the business - and we take development seriously and promise to support you. We also recognise and celebrate colleagues when they go the extra mile and, where possible, offer flexible working. When you join our team, we’ll also offer you an amazing range of benefits. Here are some of them:

Starting off with colleague discount, you'll be able to get 10% off at Sainsbury's, Argos, TU and Habitat after 4 weeks. This increases to 15% off at Sainsbury’s every Friday and Saturday and 15% off at Argos every pay day. We've also got you covered for your future with our pension scheme and life cover. You'll also be able to share in our success, as you may be eligible for a performance-related bonus of up to 20% of salary, depending on how we perform.

Your wellbeing is important to us too. You'll receive an annual holiday allowance, and you can buy additional holiday. We also offer other benefits that will help your money go further, such as season ticket loans, an interest-free car loan of up to £10k, a cycle to work scheme, health cash plans and pay advance (where you can access some of your pay before pay day), as well as access to a great range of discounts from hundreds of other retailers. If you ever need it, there is also an Employee Assistance Programme, and you will be eligible for private healthcare too.

Moments that matter are as important to us as they are to you, which is why we give up to 26 weeks’ pay for maternity or adoption leave and up to 4 weeks’ pay for paternity leave.

Please see www.sainsburys.jobs for a range of our benefits (note, length of service and eligibility criteria may apply).
