Tesco UK

Senior Cyber Incident Manager (SCIM)

Welwyn Garden City AL7 1GA

Key information

Pay
Salary not listed
Hours
36
Contract
Full-Time
Posted date
30 Jun 2026
Closing date
31 Jul 2026

About this role

As a Senior Cyber Incident Manager at Tesco, you will command the response to high-severity cyber incidents, safeguarding a complex retail ecosystem that serves millions of customers globally. Operating at the forefront of cyber defence, you will lead crisis response efforts, ensuring decisive action, minimal disruption, and protection of customer trust.

This role is pivotal in shaping Tesco’s incident management maturity, driving strategic readiness and resilience across the organisation. You will combine operational excellence with forward-looking innovation to ensure Tesco remains a leader in cyber incident response.

-

Command Major Incident Response

Lead the end-to-end management of high-severity cyber incidents, acting as the incident commander to coordinate technical teams and drive rapid containment and recovery.

-

Advise Executive Stakeholders

Provide clear, authoritative guidance to senior leadership during incidents, translating technical risk into business impact and enabling informed decision-making.

-

Drive Strategic Evolution

Shape and continuously improve Tesco’s incident management framework, embedding best practice, resilience, and a culture of readiness.

-

Enable Automation Innovation

Champion the use of Applied Artificial Intelligence (AI) and automation to enhance incident detection, triage, and response at scale.

-

Optimise Incident Operations

Leverage platforms such as Zendesk and xMatters to orchestrate complex incidents, ensuring disciplined workflows, accurate communication, and measurable outcomes.

-

Foster Collaboration & Inclusion

Lead cross-functional collaboration across Cyber Defence, Technology, and Business teams, promoting inclusive, high-performing environments that prioritise customer outcomes.

-

Lead Through Change

Drive adoption of modern ways of working, influencing teams to embrace innovation, continuous improvement, and engineering-led approaches to incident response.

Essential

-

Advanced Incident Leadership

Demonstrable expertise in cyber incident management and incident response, including leading high-impact, business-critical incidents in complex environments.

-

Strategic Thinking & Decision-Making

Advanced critical thinking and problem-solving capability, with the ability to operate decisively under pressure while balancing technical and business priorities.

-

Executive Communication & Influencing

Proven ability to communicate with clarity and authority at all levels, including senior and executive stakeholders, influencing decisions during high-pressure scenarios.

-

Operational Tooling Mastery

Strong experience with incident management platforms such as Zendesk and xMatters, ensuring structured, scalable incident orchestration.

-

Applied Automation in Cyber Defence

Practical understanding of how Artificial Intelligence (AI) and automation can be used to enhance cyber defence outcomes, particularly in large-scale incident environments.

-

Enterprise Technology Awareness

Broad understanding of enterprise and retail technology landscapes, with the ability to assess how incidents impact critical services and customer experience.

-

Change Leadership

Demonstrable ability to embrace and enable change, leading transformation initiatives and embedding modern operational and engineering practices.

-

Collaboration & Inclusion

Strong track record of working across diverse teams, fostering inclusive environments where different perspectives are valued and leveraged to improve outcomes.

Desirable

  • Experience with digital forensics and incident investigation techniques.
  • Familiarity with Jira or similar tools for workflow and delivery management.
  • Understanding of cloud and container security principles.
  • Exposure to core cyber defence technologies (e.g., Security Information and Event Management (SIEM), Endpoint Detection and Response (EDR)).
  • Strong data analytics capability, using insights to inform incident response and continuous improvement.
  • Awareness of software development lifecycles and product-based delivery approaches.
  • Leadership experience in developing teams and driving capability uplift.
  • Demonstrated curiosity, research capability, and active contribution to the cybersecurity profession.
  • Understanding of retail technology environments and associated cyber risks.

You might know us as a supermarket, technology company or even for our award-winning mobile network. Truth is, we’re all of those things, and much more. Our colleagues work with one goal in mind, helping to make every day a little better for our customers, colleagues and communities all over the world. No two customers are the same, neither are our colleagues.

At Tesco, we champion a balance that lets you thrive both in and out of work. Spend 60% of your week collaborating with colleagues at our office locations or local sites and the rest remotely. Whether you're just kicking off your career, juggling passions, or navigating big life events, we're here to support you. We always welcome a conversation about flexible working, so talk to us throughout your application about how we can support.

We're proud to be an accredited Disability Confident Leader, where everyone’s welcome. That’s why we commit to providing a fully inclusive and accessible recruitment process. If you need support with your application, click here for more information. And if you're interested in joining our team but don't tick every box, don't let that hold you back from applying.