Senior Cyber Incident Manager (SCIM)

Posted 2 hours 49 minutes ago by WeAreTechWomen

Permanent
Full Time
I.T. & Communications Jobs
Hertfordshire, Welwyn Garden City, United Kingdom, AL7 1
Job Description

As a Senior Cyber Incident Manager at Tesco, you will command the response to high severity cyber incidents, safeguarding a complex retail ecosystem that serves millions of customers globally. Operating at the forefront of cyber defence, you will lead crisis response efforts, ensuring decisive action, minimal disruption, and protection of customer trust.

This role is pivotal in shaping Tesco's incident management maturity, driving strategic readiness and resilience across the organisation. You will combine operational excellence with forward looking innovation to ensure Tesco remains a leader in cyber incident response.

Responsibilities
  • Command Major Incident Response: Lead the end to end management of high severity cyber incidents, acting as the incident commander to coordinate technical teams and drive rapid containment and recovery.
  • Advise Executive Stakeholders: Provide clear, authoritative guidance to senior leadership during incidents, translating technical risk into business impact and enabling informed decision making.
  • Drive Strategic Evolution: Shape and continuously improve Tesco's incident management framework, embedding best practice, resilience, and a culture of readiness.
  • Enable Automation Innovation: Champion the use of Applied Artificial Intelligence (AI) and automation to enhance incident detection, triage, and response at scale.
  • Optimise Incident Operations: Leverage platforms such as Zendesk and xMatters to orchestrate complex incidents, ensuring disciplined workflows, accurate communication, and measurable outcomes.
  • Foster Collaboration & Inclusion: Lead cross functional collaboration across Cyber Defence, Technology, and Business teams, promoting inclusive, high performing environments that prioritise customer outcomes.
  • Lead Through Change: Drive adoption of modern ways of working, influencing teams to embrace innovation, continuous improvement, and engineering led approaches to incident response.
Essential
  • Advanced Incident Leadership: Demonstrable expertise in cyber incident management and incident response, including leading high impact, business critical incidents in complex environments.
  • Strategic Thinking & Decision Making: Advanced critical thinking and problem solving capability, with the ability to operate decisively under pressure while balancing technical and business priorities.
  • Executive Communication & Influencing: Proven ability to communicate with clarity and authority at all levels, including senior and executive stakeholders, influencing decisions during high pressure scenarios.
  • Operational Tooling Mastery: Strong experience with incident management platforms such as Zendesk and xMatters, ensuring structured, scalable incident orchestration.
  • Applied Automation in Cyber Defence: Practical understanding of how Artificial Intelligence (AI) and automation can be used to enhance cyber defence outcomes, particularly in large scale incident environments.
  • Enterprise Technology Awareness: Broad understanding of enterprise and retail technology landscapes, with the ability to assess how incidents impact critical services and customer experience.
  • Change Leadership: Demonstrable ability to embrace and enable change, leading transformation initiatives and embedding modern operational and engineering practices.
  • Collaboration & Inclusion: Strong track record of working across diverse teams, fostering inclusive environments where different perspectives are valued and leveraged to improve outcomes.
Desirable
  • Experience with digital forensics and incident investigation techniques.
  • Familiarity with Jira or similar tools for workflow and delivery management.
  • Understanding of cloud and container security principles.
  • Exposure to core cyber defence technologies (e.g., Security Information and Event Management (SIEM), Endpoint Detection and Response (EDR .
  • Strong data analytics capability, using insights to inform incident response and continuous improvement.
  • Awareness of software development lifecycles and product based delivery approaches.
  • Leadership experience in developing teams and driving capability uplift.
  • Demonstrated curiosity, research capability, and active contribution to the cybersecurity profession.
  • Understanding of retail technology environments and associated cyber risks.
Equal Opportunity

We are proud to be an accredited Disability Confident Leader, and we commit to providing a fully inclusive and accessible recruitment process.