What’s the role about?

The John Lewis Partnership’s Information Security strategy is bold and ambitious, we put the security of our customers and Partners at the forefront of everything we do. 

In today’s world, keeping up with the latest cybersecurity threats can be a challenging task but a challenge our Partners relish. We work collaboratively and provide a collection of security services, delivered through people, processes and technology. Ensuring that customers can shop with us knowing their personal information remains secure.

Our Security Engineers provide technical excellence within the team and they oversee the delivery of new engineering capabilities, ensuring that our Security Operations Centre is equipped to counteract the latest cyber security threats. This is a fantastic opportunity to get hands-on with market leading, next-generation cyber security tools where you’ll be empowered to innovate within a supportive, collaborative and social team and agile culture.

If you’re passionate about cyber security, if you thrive and perform in fast-paced, high-demand scenarios, and if you want to make a real difference at the UK’s largest co-owned retailer, then this role is for you.

What you’ll be doing:

As a Security Engineer, you’ll play an essential role in the development and support of the SIEM and associated security platform, predominantly based on splunk technology, to improve visibility and detection of cyber threats for the wider Incident Response team.

You’ll also be responsible for ensuring the telemetry of key datasources is maintained and play a critical role in onboarding new sources of rich security events to the SIEM for projects and new applications. 

You will be responsible for driving the development of security logging & monitoring guidelines for the business so being approachable, customer focused and able to excel working across teams is key.

You will use your cybersecurity expertise and previous experience to contribute recommendations for new SIEM use-cases and support their development, testing and hand-over to SOC teams.

What you'll have:

• Hands-on experience administering Splunk and onboarding security feeds for anomaly detection and threat hunting
• Technical skills in underpinning infrastructure platforms including Windows Server and Linux
• Experience of developing and assuring detection SIEM use-cases
• Proven ability to work well in a collaborative team environment
• Customer focused and a natural at developing good working relationships outside of the team
• A continuous improvement and agile mindset
• Technical experience backed up by good behaviours with a strong attention to detail and excellent problem-solving skills

What else you could bring:

• Scripting and programming skills such as Python and Powershell
• Security orchestration and automation experience
• Working knowledge of security frameworks such as ATT&CK
• Experience working with other security tools such as vulnerability scanners and end-point security

Why do our Information Security Partners love working for us?

"We have a friendly team culture where everyone is keen to develop their skills and support those around them. I've been given great opportunities to further my career. The work we do is challenging and varied, and it's really satisfying to be part of a team that's integral to protecting our customers and Partners." - Laurence Jeffcoate - Information Security Analyst
 

Additional Information:

We occasionally close vacancies early in the event that we receive a high volume of applications. Therefore we recommend you apply as soon as possible.

The application form consists of a CV upload, an online test followed by application questions. Please ensure you refresh the page each time you complete a task to ensure you complete everything that you need to in time.

We have a number of different ways to work flexibly so at your interview feel free to talk about what flexibility means to you. There are no guarantees, however, it may open the door to not only a new role but a new way of working.