Share this Job

Cyber Security Manager

Date: 14-Sep-2021

Location: SLOUGH, GB

Company: Telefonica S.A.

Location: Welwyn Garden City / Slough - Flexible

Close date: 19/09/2021


Tesco Mobile is the UK’s largest MVNO with over 5 million customers and industry leading customer satisfaction.  We’re a totally unique business, a 50/50 joint venture between Telefonica O2 and Tesco that launched back in 2003.


Being part of Telefonica, one of the world’s most creative digital companies, we’re able to open up all sorts of possibilities – not just for customers, but for the people who work for us, too.


Great benefits. Great rewards. High-quality training. Ongoing career development. Flexible working. These are just some of the reasons we attract great talent. 


Our inclusive approach to recruitment helps us be a true reflection of our customers and their communities. That’s why everybody’s welcome – it’s time to get everyone in the room


About the team:

The Cyber Security team is a critical part of the business with an extensive remit to protect Customers, Colleague and the Company from security threats. We are committed to delivering effective proactive and reactive cyber security capabilities and provide valuable input to ensure that informed decisions are made by the business. We care for human connection.


About the role:

The role will report into the Head of Cyber Security and you will be responsible for proactively reviewing the current and target architecture to ensure the confidentiality, integrity and availability of information. You will work closely with internal stakeholders to ensure that effective security controls and processes have been embedded in new and existing solutions. You will also be responsible for supporting an effective cyber security framework by leveraging threat intelligence, event monitoring, and vulnerability management to mitigate new and emerging security threats and challenges.


Key responsibilities:

  • Working with the Head of Cyber Security to manage some key elements of the Cyber Security Programme Managing the Security Operations Centre and the associated functions such threat intelligence.
  • Supporting the investigation and management of security Incidents by building effective relationships with all internal departments, the joint venture, suppliers and government agencies.
  • Close working relationship with the DevOps to ensure we have a secure development lifecycle. Automated security and compliance testing throughout the lifecycle is imperative.
  • Reviewing business changes and working with Solution Designers and Architects to ensure we have an effective Security Architecture based on threat modelling to drive relevant and effective Cyber Security requirements.
  • Identifying, assessing, and prioritising risks followed by coordinated and economical application of resources to minimise, monitor, and control the probability and/or impact of events.
  • Working with our Suppliers to ensure we have the appropriate security assurance over the products and solutions they offer the business.
  • Recommending and working with security tools to protect the business ranging from vulnerability scanners, web application firewalls and data leakage prevention technologies.
  • Working as a team to manage vulnerability and threat intelligence using well-known vulnerability tools such as Qualys whilst developing relationships with our intelligence partners and gathering open source intelligence.
  • Representing the cyber security team at meetings with internal and external stakeholders including, but not limited to.
  • Improving the security culture of the business by advocating best practices to the security team and the wider business.


Essential skills:

  • Experience working with Security Operations Centres, SIEM products and the MITRE attack framework
  • Experience working with implementing and maintaining a secure software development lifecycle Working knowledge of the security controls and processes applicable to cloud-based services (IaaS/Paas/Saas) NIST GDPR ISO27001 CEH OWASP PCI Information


Desirable Skills:

  • Experience working within an Agile security function or organisation
  • Security qualifications such as CISM, CISSP are desirable
  • The ability to work autonomously and to a high standard




We’ll be sending you emails about the status of your application. To make sure you receive these,   please add and to your Safe Senders list.


We’re looking to pay a great compensation package (depending on experience) for this position. We also offer plenty of extras to sweeten the deal, which could include things like bonuses, life assurance cover, health care and lots of flexible benefits.  


Also, every employee has their personal development supported with a LinkedIn learning account; plus other role specific learning available through our award-winning digital learning platform - O2 Campus. 


We also believe a great work-life balance is important, so we’re open to considering flexible working arrangements. Like to know more, feel free to raise it.  


Join us and we’ll encourage you to be bold every day. So take a deep breath, your career is about to go to exciting new places. 


If you have any questions around the role then please email who will be happy to help. 


We have recently announced that we will be moving towards a more blended working week – combining office and remote working, leveraging the advantages of face-to-face connectivity and enjoying the flexibility and productivity of remote working.

Our base will be the office, where we connect, collaborate and innovate – and there will be the expectation for everyone to be physically together more time than apart. For Head Office roles we therefore expect colleagues to spend a proportion of their time in the office location listed on the Job Description.

We are supportive of colleagues having conversations with hiring managers about what office presence will look like in the context of the role.