Head of Security – Identity and Access Management

The Head of Security for Identity and Access Management (IAM) is a strategic role sitting within the Group Cybersecurity team.  The Head of Security is responsible for protecting colleagues and customers by reducing access risk across the Tesco business. This role is accountable for access governance, authentication, and privileged access management (PAM).

A key focus for this role is to define the long-term strategy and associated key initiatives for broadly reducing access risk, working with partner teams across Group Cybersecurity and in the wider Technology function.  You will be responsible for managing stakeholders to ensure alignment to, and successful delivery of, the strategy. 

You will be responsible for managing the strategic audit relationship with respect to IAM and PAM controls status and planned improvements, as well as owning and representing IAM and PAM security policies internally and externally.

Your team has day-to-day responsibility for four key activities:

• Risk reduction – Planning and executing strategic risk-reducing projects.
• Application onboarding – offering services to Technology teams to utilise the group access management, authentication (SSO) and privileged access platforms and so broaden controls scope.
• Access operations – handling queries related to joiners, movers, and leavers and governance processes (requests, reviews) amongst others.
• Governance – managing non-compliance related to onboarded systems & services; reducing instances of non-compliance.

This role is accountable for the operational performance levels of, and outcomes generated by, these activities.

You will lead in the growth and development of the IAM team; with a dynamic technical and controls landscape, maintaining appropriate skills and resource profiles is a key part of this role.  You will act as a mentor and guide, using your subject matter expertise to aid in the development of capability within the team. 

The Head of Security for Identity and Access Management (IAM) is a strategic role sitting within the Group Cybersecurity team.  The Head of Security is responsible for protecting colleagues and customers by reducing access risk across the Tesco business. This role is accountable for access governance, authentication, and privileged access management (PAM).

A key focus for this role is to define the long-term strategy and associated key initiatives for broadly reducing access risk, working with partner teams across Group Cybersecurity and in the wider Technology function.  You will be responsible for managing stakeholders to ensure alignment to, and successful delivery of, the strategy. 

You will be responsible for managing the strategic audit relationship with respect to IAM and PAM controls status and planned improvements, as well as owning and representing IAM and PAM security policies internally and externally.

Your team has day-to-day responsibility for four key activities:

• Risk reduction – Planning and executing strategic risk-reducing projects.
• Application onboarding – offering services to Technology teams to utilise the group access management, authentication (SSO) and privileged access platforms and so broaden controls scope.
• Access operations – handling queries related to joiners, movers, and leavers and governance processes (requests, reviews) amongst others.
• Governance – managing non-compliance related to onboarded systems & services; reducing instances of non-compliance.

This role is accountable for the operational performance levels of, and outcomes generated by, these activities.

You will lead in the growth and development of the IAM team; with a dynamic technical and controls landscape, maintaining appropriate skills and resource profiles is a key part of this role.  You will act as a mentor and guide, using your subject matter expertise to aid in the development of capability within the team. 

We offer excellent benefits that help make Tesco a great place to work!  These include but are not limited to:

• Annual bonus scheme of up to 45% of base salary
• Car allowance of £7320 per annum
• Holiday starting at 25 days plus a personal day (and bank holidays)
• Private medical insurance offered through Bupa
• Retirement savings plan – save between 4% and 7.5% and Tesco will match your contribution
• Life Assurance at 5x contractual pay
• Buy as you earn and Save as you earn share schemes

Our vision at Tesco is to become every customer’s favourite way to shop, whether they are at home or out on the move.  Our core purpose is “Serving our customers, communities and planet a little better every day”.  Serving means more than a transactional relationship with our customers.  It means acting as a responsible and sustainable business for all stakeholders, for the communities we are part of, and for the planet.

We are proud to have an inclusive culture at Tesco where everyone truly feels able to be themselves.  At Tesco, we not only celebrate diversity, but recognise the value and opportunity it brings.  We’re committed to creating a workplace where differences are valued, and make sure that all colleagues are given the same opportunities.  We’re a big business with diverse working patterns and many business areas which means that we can find something that works for you.  Everyone is welcome at Tesco.

We have recently announced that we are moving to a more blended working week – combining office and remote working.  Our offices continue to be where we connect, collaborate and innovate.  Talk to us about how this can work for you.

Note: Should you be successful in your application, your employment will be subject to and conditional upon you providing your bank account details on your agreed start date.

We’re proud to have been accredited Disability Confident Leader and we’re committed to providing a fully inclusive and accessible recruitment process. For further information on the accessibility support we can offer, please click here.