O2 Job - 31182110 | CareerArc
  Search for More Jobs
Get alerts for jobs like this Get jobs like this tweeted to you
Company: O2
Location: Slough, England, United Kingdom
Career Level: Mid-Senior Level
Industries: Telecommunications, Broadcasting


Location: Slough or Bury

We are O2, the commercial brand of Telefonica UK Limited, a leading digital communications company owned by Telefonica S.A. We put our 25 million UK customers at the heart of everything we do, so we can use our technology to connect them to the experiences they live for.

And just like our customers, we open up exciting possibilities for our employees too. Great benefits. Generous rewards. High-quality training. Ongoing career development. These are just some of the reasons to join us.

We're always on the lookout for great talent, and we're all about inclusivity. We want to be a true reflection of our customers and their communities, to help us make the best decisions. That's why everybody's welcome at O2 – it's time to get everyone in the room.

What do the team do?

Tesco Mobile is a highly successful growing and profitable business with >5m customers. Tesco Mobile is a Joint Venture between TEF UK and Tesco. The IT Operations Team ensures a robust business support model to design, plan, deliver, operate and control information technology (IT) services offered to customers securely. Core components of the team include IT Service Management & Information Security.

How will you fit into this?

As our Head of Cyber Security, you will report into the Head of IT Operations and you will be responsible for Cyber Security within Tesco Mobile. You will be a key contributor to the Security strategy and will be responsible for the Cyber Security Programme to mature security and protect the confidentiality, integrity and availability of information. There will be a key focus on pro-actively securing critical platforms and the effective operation of the Security Operations Centre. You will provide specialist Cyber Security knowledge to the Senior Leadership Team on anything that could affect the Tesco Mobile production environment.

Some of the more specific responsibilities:

  • The strategic development and management of the Cyber Security Programme Management of the cyber security function and available resources to deliver the area strategy, continuously improving all elements including the professional development of our people

  • The implementation and management of the Tesco Mobile Security Operations Centre in line with industry standards and good practice

  • Close working relationship with the development teams to ensure we have a secure development lifecycle - automated security and compliance testing throughout the lifecycle is imperative

  • Reviewing business changes and working with solution designers and architects to ensure we have an effective security architecture based on risk assessments, threat modelling and cost benefits analysis to drive relevant and effective cyber security requirements

  • Responsible for ensuring the business has effective cyber security tools to protect the business ranging from vulnerability scanners, web application firewalls and data leakage prevention technologies

  • Responsible for vulnerability and threat intelligence using well-known vulnerability tools such as Qualys whilst developing relationships with our intelligence partners and gathering open source intelligence

  • The investigation and management of cyber security incidents working with the Security Operations Centre, all internal departments, the joint venture, suppliers and government agencies

  • Implementing a security conscious culture throughout the business with a prominent training and awareness scheme

  • Delivering an effective audit programme for compliance and continuous improvement. Supporting the joint venture internal audit programme and external audits for areas such as Billing and Metering, PCI and GDPR, alongside key quality programmes ISO22301 & ISO27001

What we need from you:

  • Experience with Security Operations Centres, SIEM products and the MITRE attack framework

  • Working knowledge of the security controls and processes applicable to cloud-based services (IaaS/Paas/Saas)

  • NIST

  • GDPR

  • ISO27001

  • CEH


  • CISSP qualification is desirable

  • Project experience within an agile and waterfall environment

  • A broad range of knowledge covering all the IT service lifecycle and the ability to work to a high level of self-management

  • Proven history creating strategies, programme financial management and leading high performing teams

Additional Information:

Grade: PCGT

Salary and benefits:

We're looking to pay a competitive salary (depending on experience) for this position. We also offer plenty of extras to sweeten the deal, which could include things like bonuses, life assurance cover, health care, holiday entitlement and lots of flexible benefits. We also believe a great work-life balance is important, so we're open to considering part time and flexible approaches to working. Like to know more? Feel free to raise it.

If you have any questions about the role then please email ResourceTUK@o2.com who will be happy to help.

 Apply on company website