Information Security Engineering Lead

ABOUT THE ROLE

Join the John Lewis Partnership’s Information Security Engineering team and play a crucial role in protecting our customers, Partners and business from evolving cyber threats.

The John Lewis Partnership’s Information Security strategy is bold and ambitious. We provide a collection of security services, delivered through people, processes and technology. Working collaboratively, these services ensure that customers can shop with us efficiently, safely and securely, every single day.

A key component of this is the Threat Defence team. A group of Partners (employees) who play a vital role in the defence of our systems and data from cyber attacks. This is a team with a very broad set of responsibilities, including the monitoring of threats and vulnerabilities and the engineering and testing of key security defences.

We’re looking for an experienced Information Security Engineering Lead to take on a lead role within our Security Engineering service. In this role you’ll be overseeing the delivery of new security capabilities and ensuring that our Security Operations Centre remains equipped to defend against the latest cyber security threats.

This is a fantastic opportunity to get hands-on with market leading next-generation cyber security tools where you'll be empowered to lead and innovate within an agile, supportive and collaborative team environment.

.

At a glance

• Salary - £65,000 - £85,000 depending on experience

• Contract type - Permanent

• Working pattern/flexible working -  This role is based at the Bracknell Head Office, with an opportunity for hybrid working. Your time will primarily be split between Bracknell (current normal expectation 1 day per week) and working from home. There will also be an expectation to infrequently visit other locations as the need arises. 

• Our Infosec team currently works from the office every Tuesday to connect and on a more ad-hoc basis to attend key meetings, but again the frequency is dependent on the business needs.

• There will be a need for on-call support as part of a callout rota, where you will be expected to be available for out of hours support approximately one week in 5. Specific rota requirements can be planned around leave and other personal commitments. 

What you’ll be doing:

• In this highly technical role, you’ll be responsible for developing and maintaining our security operations platforms and using your technical expertise and experience with security tooling to inform our overall Information Security strategy.

• You’ll bring your technical leadership to projects, leading the delivery of new security tooling as a respected Information Security expert and working with technology teams to ensure that new technologies are sufficiently secure and protected. 

• You’ll oversee a range of continuous improvement activities for our existing platforms and will work closely with other members of the Security Engineering service in an agile way to ensure we continue to drive value out of our investments.

• You’ll be a technical leader in the Information Security team and will use your experience and knowledge to guide, inspire and support other members of the team.

• You’ll develop positive relationships with colleagues and senior leaders from technology teams outside of Information Security and will work closely with vendors to ensure a secure Partnership.

What you’ll have (Essential Skills):

• Hands-on experience in a senior Security Engineering role, overseeing and leading a group of Security Engineers.
   

• Demonstrable experience in delivering and/or maintaining EDR tooling.
  Specific experience leading the deployment or engineering of SentinelOne would be of particular benefit.
   

• A proven track record working as part of an agile delivery team, following agile best practices such as Scrum or Kanban.
   

• Experience collaborating with development, operations and infrastructure teams, preferably in a security context

• A working knowledge of security best practice, including frameworks such as Mitre ATT&CK and NIST.

What else you could bring (Desirable Skills):

• Proficiency in working with or developing SIEM tooling and SIEM detections/alerts.

• Proficiency in Google SecOps (Google Chronicle) would be particularly beneficial.
   

• In-depth knowledge of network security, including principles such as zero trust and network security tooling such as zScaler.
   

• Experience securing cloud platforms and applications using tooling such as CASB, CSPM, SSPM or similar.
  Specific knowledge of GCP and Google Security Command Center would be beneficial.
   

• Formal accreditation in Information Security such as a related degree, ISC2 CISSP or similar.

Additional Information

• The application form consists of a CV upload, followed by application questions. Please save the application questions to a Google docs before entering on Workday for future reference.

• Internal applicants please copy paste this link on to the browser for job outline -  https://bit.ly/InfosecEnggLead

#LI-HEADOFFICE

#LI-Hybrid

#LI-LS1'

.

Closing Date:

March 23, 2025

Pay:

£56,700.00 - £91,000.00 Annual

Contract Type:

Permanent

Hours of Work:

35

Job Level:

Partnership Level 6

Where You'll Be Working:

Bracknell Campus, Doncastle Road, Bracknell, Berkshire, RG12 8YA

ABOUT THE PARTNERSHIP

We’re the largest employee owned business in the UK and home of our cherished brands, John Lewis and Waitrose. We’re not just employees, we’re Partners, driven by our purpose to build a happier world. As we look to our future, there’s never been a more exciting time to join us.  

We’re ruthlessly focused on being brilliant at retail. We continue to innovate, adapt and diversify. Never Knowingly Undersold on price, quality and service in John Lewis and passionately serving food-lovers in Waitrose.   

As Partners we all share the responsibility of ownership and in its rewards. We use our voices to contribute to our success, working together through the good and challenging times, holding true to our behaviours and treating everyone with kindness and respect. 

We all own making the Partnership somewhere we belong. Embracing our differences and creating an environment where we’re free to be ourselves and can THRIVE. Growing ourselves individually, and as a collective. 

As Partners, we make all the difference. And, we all own it.  

Important points to note:  

It’s important to note that some of our roles are subject to pre-employment vetting (which may include DBS checks for successful candidates). If required, you’ll be informed and provided with information about vetting during the recruitment process and we encourage you to complete any vetting documents quickly to avoid delays. Any DBS checks required will be carried out by a third-party registered body and financial probity checks may also be required for some of our roles.

We also recommend that you apply as soon as possible as vacancies can close early if we see a high number of applicants.  

We want all of our Partners to have a good work-life balance and we support flexible working. This might mean flexible or compressed hours, job sharing or shorter hour contracts, where possible. Please discuss this further with the hiring manager during your interview.