Head of Cyber Risk

This is a fantastic opportunity to join Tesco’s Cyber Risk team to lead the Cyber Risk and Assurance function. The team of cyber risk and assurance professionals is our second line in Technology working with stakeholders to ensure the implementation of proportionate controls to mitigate Tesco’s cyber risk exposure. In this role you will coordinate a global team of c.85 colleagues to drive Tesco’s cyber risk and assurance capability.

At Tesco, we believe in the power of spending more time together, face to face, than apart. So, during your working week, you can expect to spend 60% of your time in one of our office locations or local sites and the rest remotely. We also recognise that life looks a little different for each of us. Some people are at the start of their careers, some want the freedom to do the things they love. Others are going through life-changing moments like becoming a carer, nearing retirement, adapting to parenthood, or something else. That’s why at Tesco, we always welcome a conversation about flexible working. So, talk to us throughout your application about how we can support.

You will be responsible for:

- Leading a senior team of risk and assurance professionals who lead work including Cyber & Technology Risk, Cyber Assurance, Third Party Risk, and Internal Controls over Financial Reporting (ICFR).

- Reporting to the Director of Security & Capability (Group CISO) within the Technology organisation, and member of the CISO’s leadership team, this role works closely with the Group CTO and the Technology Leadership team, as well as teams outside of Technology such as Group Risk, Internal Audit, and our External Auditors.

- This role’s responsibilities are primarily for the Tesco retail businesses (UK, Ireland, and Central Europe), but also has responsibility for cyber assurance across the wider Tesco Group and subsidiaries.

- The role runs our Technology Risk and Compliance Committee as well as being a standing member of our Cyber and Privacy Risk Committee, and AI Governance forum.

- Leading a team of 85 people, across UK, India and Central Europe. Exceptional critical thinking skills and ability to influence at all levels are a must.

You will need:

- Experience in leading risk management or assurance programmes, with a focus on cyber risk.

- Experience and understanding of cyber security principles and IT security controls across a variety of technologies and products

- Experience as an IT auditor with time spent both within a big4 and industry.

- Experience of developing strong working relationships with various business areas to facilitate successful cyber risk management practices

- Experience and knowledge across different security frameworks and standards such as ISO 27001, NIST, CIS.

What's in it for you:

We’re all about the little helps. That’s why we make sure our Tesco colleague benefits package takes care of you – both in and out of work. Click Here to find out more!

Annual bonus scheme of up to 45% of base salary
Car Cash Allowance
Holiday starting at 25 days plus a personal day (plus Bank holidays)
Private medical insurance
Retirement savings plan - save between 6% - 10% and Tesco will contribute 1.5 times this amount
26 weeks maternity and adoption leave (after 1 years’ service) at full pay, followed by 13 weeks of Statutory Maternity Pay or Statutory Adoption Pay, we also offer 4 weeks fully paid paternity leave

About us:

Our vision at Tesco is to become every customer's favourite way to shop, whether they are at home or out on the move. Our core purpose is 'Serving our customers, communities and planet a little better every day'. Serving means more than a transactional relationship with our customers. It means acting as a responsible and sustainable business for all stakeholders, for the communities we are part of and for the planet.

We are proud to have an inclusive culture at Tesco where everyone truly feels able to be themselves. At Tesco, we not only celebrate diversity, but recognise the value and opportunity it brings. We're committed to creating a workplace where differences are valued, and make sure that all colleagues are given the same opportunities. We're a big business with diverse working patterns and many business areas which means that we can find something that works for you. Everyone is welcome at Tesco.

We have recently announced that we will be moving towards a more blended working week – combining office and remote working. Our offices will continue to be where we connect, collaborate and innovate. Please talk to us to about how this can work for you.

NOTE: Should you be successful in your application, your offer will be subject to and conditional upon you providing your bank account details on your agreed start date.

We're proud to have been accredited Disability Confident Leader and we're committed to providing a fully inclusive and accessible recruitment process. For further information on the accessibility support we can offer, please visit https://www.tesco-careers.com/accessibility