Senior Cyber Incident Manager (SCIM)

Company: Tesco – Corporate
Apply for the Senior Cyber Incident Manager (SCIM)
Location: Welwyn Garden City
Job Description:

Tesco UK • Welwyn Garden City • Full-Time • Working hours 36 • Apply by 31-Jul-2026

As a Senior Cyber Incident Manager at Tesco, you will command the response to high‑severity cyber incidents, safeguarding a complex retail ecosystem that serves millions of customers globally. Operating at the forefront of cyber defence, you will lead crisis response efforts, ensuring decisive action, minimal disruption, and protection of customer trust.

This role is pivotal in shaping Tesco’s incident management maturity, driving strategic readiness and resilience across the organisation. You will combine operational excellence with forward‑looking innovation to ensure Tesco remains a leader in cyber incident response.

Benefits

  • Annual bonus scheme of up to 20% of base salary.
  • Holiday starting at 25 days plus a personal day (plus Bank holidays).
  • Private medical insurance.
  • 26 weeks maternity and adoption leave (12 months service required at the qualifying date) at full pay, followed by 13 weeks of Statutory Maternity Pay or Statutory Adoption Pay; we also offer 6 weeks fully paid paternity leave.
  • Free 24/7 virtual GP service, Employee Assistance Programme (EAP) for you and your family, free access to a range of experts to support your mental wellbeing.

Responsibilities

  • Command Major Incident Response: Lead the end‑to‑end management of high‑severity cyber incidents, acting as the incident commander to coordinate technical teams and drive rapid containment and recovery.
  • Advise Executive Stakeholders: Provide clear, authoritative guidance to senior leadership during incidents, translating technical risk into business impact and enabling informed decision‑making.
  • Drive Strategic Evolution: Shape and continuously improve Tesco’s incident management framework, embedding best practice, resilience, and a culture of readiness.
  • Enable Automation Innovation: Champion the use of Applied Artificial Intelligence (AI) and automation to enhance incident detection, triage, and response at scale.
  • Optimise Incident Operations: Leverage platforms such as Zendesk and xMatters to orchestrate complex incidents, ensuring disciplined workflows, accurate communication, and measurable outcomes.
  • Foster Collaboration & Inclusion: Lead cross‑functional collaboration across Cyber Defence, Technology, and Business teams, promoting inclusive, high‑performing environments that prioritise customer outcomes.
  • Lead Through Change: Drive adoption of modern ways of working, influencing teams to embrace innovation, continuous improvement, and engineering‑led approaches to incident response.

Essential Qualifications

  • Advanced Incident Leadership: Demonstrable expertise in cyber incident management and incident response, including leading high‑impact, business‑critical incidents in complex environments.
  • Strategic Thinking & Decision‑Making: Advanced critical thinking and problem‑solving capability, with the ability to operate decisively under pressure while balancing technical and business priorities.
  • Executive Communication & Influencing: Proven ability to communicate with clarity and authority at all levels, including senior and executive stakeholders, influencing decisions during high‑pressure scenarios.
  • Operational Tooling Mastery: Strong experience with incident management platforms such as Zendesk and xMatters, ensuring structured, scalable incident orchestration.
  • Applied Automation in Cyber Defence: Practical understanding of how Artificial Intelligence (AI) and automation can be used to enhance cyber defence outcomes, particularly in large‑scale incident environments.
  • Enterprise Technology Awareness: Broad understanding of enterprise and retail technology landscapes, with the ability to assess how incidents impact critical services and customer experience.
  • Change Leadership: Demonstrable ability to embrace and enable change, leading transformation initiatives and embedding modern operational and engineering practices.
  • Collaboration & Inclusion: Strong track record of working across diverse teams, fostering inclusive environments where different perspectives are valued and leveraged to improve outcomes.

Desirable Qualifications

  • Experience with digital forensics and incident investigation techniques.
  • Familiarity with Jira or similar tools for workflow and delivery management.
  • Understanding of cloud and container security principles.
  • Exposure to core cyber defence technologies (e.g., Security Information and Event Management (SIEM), Endpoint Detection and Response (EDR)).
  • Strong data analytics capability, using insights to inform incident response and continuous improvement.
  • Awareness of software development lifecycles and product‑based delivery approaches.
  • Leadership experience in developing teams and driving capability uplift.
  • Demonstrated curiosity, research capability, and active contribution to the cybersecurity profession.
  • Understanding of retail technology environments and associated cyber risks.

Tesco is a proud Disability Confident Leader and welcomes applications from all candidates irrespective of gender, race, disability or age.

#J-18808-Ljbffr…

Posted: July 7th, 2026