Job Specifications
About the role
Our Cyber Threat Intelligence (CTI) team drives proactive cybersecurity defence by collecting, analysing, and disseminating actionable intelligence to protect the organisation from evolving threats. We focus on anticipating and mitigating risks by identifying emerging threats and reducing uncertainty. Our CTI team collaborates closely with internal teams, including Security Operations, Incident Response, Vulnerability Management, and Security Engineering, as well as external intelligence-sharing communities, to enhance detection, response, and our understanding of the global threat landscape. We are committed to continuous improvement, evolving our tools, processes, and methodologies to ensure Tesco remains secure. If you’re looking to join a forward-thinking team that values impactful collaboration and a shared mission to protect a leading organisation, the CTI team at Tesco could be the perfect fit for you.
As a Security Analyst in the CTI team, you will be responsible for delivering day-to-day operations, including the collection, processing, and analysis of threat intelligence to produce actionable insights. You will support strategic and operational intelligence initiatives by researching, monitoring, and assessing cyber threats, tactics, techniques, and procedures (TTPs), and ensuring this intelligence is shared with our teams. Additionally, you will engage in tactical intelligence activities to help detect and respond to immediate threats. You will also play an active role in improving the overall service capability and helping reduce cyber threats.
You will be responsible for
Business Understanding and Strategy
· Following our Business Code of Conduct and always acting with integrity and due diligence.
· Continued understanding of Tesco’s business operations, goals, and priorities to gather relevant threat intelligence.
· Staying informed on Tesco’s cybersecurity strategy and security controls.
Operational Excellence
· Delivering day-to-day CTI operations consistent with Standard Operating Procedures for high-quality service delivery.
· Improving CTI workflows, tools, and methodologies with automation to improve effectiveness and efficiency.
· Continuously improving the CTI service, focusing on quality to maintain high standards, and supporting audits.
Threat Intelligence Collection, Analysis and Product
· Staying close to the threat landscape and threat actors, tools, and techniques.
· Collecting information from various open, closed, and proprietary sources.
· Conducting comprehensive analysis of, and understanding, adversary TTPs.
· Conducting intrusion analysis to identify and understand unauthorised access attempts and activities.
· Analysing complex structured and unstructured datasets to identify trends, patterns, correlations, and risks.
· Assisting with malware triage, including static and dynamic analysis, to identify and mitigate threats.
· Ensuring Threat Intelligence Platforms, SIEMs, and endpoint detection platforms are used to correlate threats.
· Delivering high-quality strategic, operational, and tactical intelligence products for internal and trusted external stakeholders.
Collaboration and Support
· Supporting Security Operations, Threat Hunting, and engineering teams through prioritised intelligence requirements.
· Aligning to cyber frameworks such as MITRE ATT&CK, Cyber Kill Chain, Pyramid of Pain, and Diamond Model to contextualise threats.
Continuous Learning and Adaptation
· Staying current on threat trends, tools, and techniques to ensure effective defensive strategies.
You will need
Data Analysis and Intelligence
· Proven skills in analysing large, complex structured and unstructured datasets using query languages.
· Experience of intelligence collection and processing techniques, including OSINT.
· Exposure to Structured Analytic Techniques (like ACH) and quantitative methods.
· Application of cyber frameworks like MITRE ATT&CK, Cyber Kill Chain, and Diamond Model in pursuit of producing high-quality intelligence.
· Assisting with malware triage, including static and dynamic analysis, to identify and mitigate threats.
· Awareness of emerging threat trends, tools, and techniques.
Technical Proficiency
· Hands-on problem-solving and critical thinking skills.
· Proficiency in scripting and processing tools (e.g., Python, PowerShell, Excel) for analysis, task automation, and workflow improvements.
· Broad knowledge of the cybersecurity domain and security controls and their role in mitigating threats.
Communication and Collaboration
· Strong written and verbal skills to produce tailored intelligence products for all levels.
· Collaborating with the shared pursuit of securing the business, whilst fostering trust and belief in each other.
· Supporting new relationships through active participation in intelligence-sharing communities.
Continuous Improvement and Adaptation
· Proactive, detail-oriented and curious.
· Commitment to continuous improvement through workflow optimisation and automation.
Experience relevant for this job:
· 2-4 years of cybersecurity analysis experience in roles such as Threat Intelligence, Security Operations, or Incident Response.
· Candidates with a strong Intelligence background and proven technical skills are also considered.
· Experience of delivery into large complex enterprises.
· CTI relevant certifications or industry equivalent (desirable).
· Cybersecurity, Information Technology, or a STEM field degree (desirable).
What's in it for you?
We’re all about the little helps. That’s why we make sure our Tesco colleague benefits package takes care of you – both in and out of work.
· Annual bonus scheme of up to 20% of base salary
· Holiday starting at 25 days plus a personal day (plus Bank holidays)
· Private medical insurance
· 26 weeks maternity and adoption leave (after 1 year’s service) at full pay, followed by 13 weeks of Statutory Maternity Pay or Statutory Adoption Pay; we also offer 4 weeks fully paid paternity leave
· Free 24/7 virtual GP service, Employee Assistance Programme (EAP) for you and your family, free access to a range of experts to support your mental wellbeing
About Us
Our vision at Tesco is to become every customer's favourite way to shop, whether they are at home or out on the move. Our core purpose is ‘Serving our customers, communities and planet a little better every day’. Serving means more than a transactional relationship with our customers. It means acting as a responsible and sustainable business for all stakeholders, for the communities we are part of and for the planet.
We are proud to have an inclusive culture at Tesco where everyone truly feels able to be themselves. At Tesco, we not o...