Application Security Architect

ENGINEERINGUK
Welwyn Garden City
3 weeks ago
Create job alert

You will need to login before you can apply for a job.

About the role

We are committed to align with the digital advancements at Tesco and secure the new technologies that enable our business to have a superior focus on serving our customers, communities, and planet.

Application Security Solution Architecture team within the larger cyber security group at Tesco Technology has been established to define the security architecture patterns covering cloud-native services, deliver the security design artefacts, develop the security architecture standards and lead the adoption of the architectural patterns into development projects across all directorates.

Highly competent, committed, and passionate architect will strengthen the Application Security Architecture team, as we build the defensible application security architectures to protect our customers, partners, and colleagues.

You will be responsible for

  • Engage in Security Architecture and Design, including Threat Modelling, for strategic platforms and systems with modern software architectures and advanced tech stacks.
  • Drive security architecture decisions and guide security implementation for critical strategic systems.
  • Lead the adoption of Security and Privacy by-Design principles with architects and development teams.
  • Develop application security architecture patterns covering cloud-native services, security design artifacts, and architecture standards in alignment with Tesco's cyber security strategy, industry standards, and regulatory requirements.
  • Perform threat models for strategic application systems, identify security design flaws and technology weaknesses, and define security design requirements to address cyber threats.
  • Influence decision makers to improve application architecture patterns and strengthen security.
  • Develop security standards for both front-end and back-end technologies and provide guidance on secure application and web service development.


You will need

  • Experience in developing application security architecture patterns and design principles.
  • Proficiency in Apps/API solution-level threat modeling and deep-dive technical security assessments.
  • Experience with Kubernetes, Docker containers, and preferably GitHub Actions (or other CICD frameworks).
  • Knowledge of application security frameworks and securing front-end and back-end technologies.
  • A strong understanding of inherent application design flaws and gaps in different architectures.
  • Experience with modern SDLC methodologies and technologies.
  • Familiarity with application attack tactics and techniques (MITRE Framework), security maturity models (OpenSAMM, BSIMM), security frameworks (NIST CSF), security standards (OWASP, SANS Top 25), and regulations (GDPR, PA-DSS).


What's in it for you

We're all about the little helps. That's why we give our wonderful colleagues bags of benefits. Including wellbeing services, an award-winning pension scheme and much, much more, our colleague reward package keeps on giving. And helps make every day a little better for you and your family. These include but are not limited to:

  • Annual bonus scheme of up to 20% of base salary
  • Holiday starting at 25 days plus a personal day (plus Bank holidays)
  • Buy holiday salary sacrifice scheme (for salaried roles)
  • Private medical insurance
  • Retirement savings plan - save between 4% and 7.5% and Tesco will match your contribution
  • Life Assurance - 5 x contractual pay
  • 26 weeks maternity and adoption leave (after 1 years' service) at full pay, followed by 13 weeks of Statutory Maternity Pay or Statutory Adoption Pay, we also offer 4 weeks fully paid paternity leave
  • The right to request flexible working from your first day with us
  • Free 24/7 virtual GP service, Employee Assistance Programme (EAP) for you and your family, free access to a range of experts to support your mental wellbeing
  • A Colleague Clubcard for you & a family member (after 3 months of service), giving you access to lots of discounts in-store & online
  • Great colleague deals and discounts, saving you money on everyday purchases, eating out and utility bills for the home
  • Access to our colleague networks providing a space for colleagues to come together from a range of backgrounds. For more information about our colleague networks please click here
  • Opportunities to get on - take advantage of our ongoing learning opportunities and award-winning training, to help you achieve the job and career you want

Click Here to read more about the full range of benefits we have available for our colleagues

About us

Our vision at Tesco is to become every customer's favourite way to shop, whether they are at home or out on the move. Our core purpose is 'Serving our customers, communities and planet a little better every day'. Serving means more than a transactional relationship with our customers. It means acting as a responsible and sustainable business for all stakeholders, for the communities we are part of and for the planet.

We are proud to have an inclusive culture at Tesco where everyone truly feels able to be themselves. At Tesco, we not only celebrate diversity, but recognise the value and opportunity it brings. We're committed to creating a workplace where differences are valued, and make sure that all colleagues are given the same opportunities. We're proud to have been accredited Disability Confident Leader and we're committed to providing a fully inclusive and accessible recruitment process. For further information on the accessibility support we can offer, please click here.

We're a big business and we can offer a range of diverse full-time & part-time working patterns across our many business areas, which means that we can find something that works for you. We work in a more blended pattern - combining office and remote working. Our offices will continue to be where we connect, collaborate and innovate. If you are applying internally, please speak to the Hiring Manager about how this can work for you - Everyone is welcome at Tesco.

Visit this company’s hub to learn about their values, culture, and latest jobs.

Create a job alert and receive personalised job recommendations straight to your inbox.

#J-18808-Ljbffr

Related Jobs

View all jobs

Application Security Architect

Cyber Security Architect (Must hold current active SC Clearance)

Global Security Architect

Security Architect

Principal Security Engineer

Staff Security Engineer (AppSec)

Get the latest insights and jobs direct. Sign up for our newsletter.

By subscribing you agree to our privacy policy and terms of service.

Industry Insights

Discover insightful articles, industry insights, expert tips, and curated resources.

Jobs

Job-Hunting During Economic Uncertainty: Cyber Security Edition

The cybe rsecurity sector sits at the forefront of today’s digital landscape, defending businesses and governments alike from increasingly sophisticated threats. From incident response and network security to cloud protections and zero-trust architectures, cyber security professionals tackle an ever-evolving array of challenges. Yet, even this mission-critical field is not immune to economic turbulence. When broader financial markets experience uncertainty—whether through global recessions, regional downturns, or unexpected macro events—the hiring climate can shift, making roles more selective and budgets tighter. For job seekers in cyber security, this can be disconcerting. You might discover that once-abundant vacancies have become scarce, competition for the remaining positions is fiercer, or company priorities pivot away from large-scale expansions toward essential, cost-justified security projects. At the same time, data breaches and cyberattacks don’t pause during economic slowdowns—if anything, they may escalate as bad actors exploit organizational vulnerabilities. This paradox means that while the market feels tough, demand for cyber security expertise remains robust. In this article, we’ll look at: Why economic uncertainty affects cyber security hiring trends. Strategies for staying competitive, even if the number of open roles shrinks. Methods to highlight your skills, adapt to shifting priorities, and network effectively. Approaches for preserving mental well-being during prolonged searches or uncertain feedback loops. How www.cybersecurityjobs.tech can help you find the ideal security-focused role. By proactively sharpening your skill set, tailoring your professional profile, and engaging with a focused community, you can secure a rewarding cyber security job—even when the broader market feels volatile.

Careers

How to Achieve Work-Life Balance in Cyber Security Jobs: Realistic Strategies and Mental Health Tips

Cyber security is one of today’s most vital and rapidly expanding sectors. As data breaches, ransomware, and other cyber threats continue to evolve, the demand for skilled professionals is surging across industries—from finance and healthcare to government and e-commerce. Whether you’re a penetration tester, security analyst, or threat intelligence expert, you play a key role in safeguarding digital infrastructure and sensitive information. This high-stakes environment, however, often comes with intense pressure. Long hours, constant vigilance, and an ever-changing threat landscape can make it challenging to find time for personal well-being. Many cyber security specialists report difficulty striking a sustainable work-life balance, unsure if it’s even possible in a field that never truly sleeps. Yet, as concerns about mental health and burnout become more pressing, professionals and employers alike are seeking better ways to combine career advancement with a fulfilling personal life. In this comprehensive article, we’ll explore how to achieve a work-life balance in cyber security. You’ll discover strategies for managing 24/7 threat alerts, the importance of realistic expectations, ways to maintain mental health in high-intensity roles, and tips for setting boundaries without compromising your professional growth. Whether you’re new to this dynamic arena or already an established specialist, these insights can help you thrive personally and professionally in the fast-paced world of cyber security.

Careers

Transitioning from Academia to the Cyber Security Industry: How Researchers Can Harness Their Skills to Protect Commercial Environments

Cyber security has become a mission-critical field in an era where data breaches, ransomware attacks, and sophisticated hacking techniques threaten businesses and public institutions alike. As digital transformation touches nearly every facet of modern life, the need for highly skilled individuals capable of defending systems and networks continues to grow. For PhDs and academic researchers with expertise in areas like cryptography, network security, or threat intelligence, this presents an exciting opportunity to deploy your analytical prowess in a high-impact, fast-paced commercial setting. In this guide we’ll explore how academics can successfully pivot from the research lab to the cyber security industry. Learn how to apply rigorous, theory-driven approaches to real-world challenges, from designing secure software architectures to neutralising advanced persistent threats. By embracing the industry’s urgency and end-to-end mindset, you can transform your scholarly insights into robust, market-facing security solutions that protect companies and users on a global scale.

🍪 We use cookies to enhance your browsing experience on our website. By continuing to use this site, you consent to the use of cookies as described in our Cookie Policy. You can review our Cookie Policy for more information.