Closing Date: 14-Jun-2024
We’d all like amazing work to do, and real work-life balance. That’s waiting for you at Sainsbury’s. Think about the scale it takes for us to feed the nation. The level of data, transactions and variety it involves. Then you’ll realise that ours is a modern software engineering environment because it has to be. We’ve made serious investment into a Tech Academy and into setting standards and principles. We iterate, learn, experiment and push ways of working such as Agile, Scrum and XP. So you can look forward to awesome opportunities in everything from AI to reusable tech.
We are all in the Security Team. To be the most trusted retailer, it is essential that we keep our customer, colleague and company data secure using appropriate security tools and processes.
The Head of Product Assurance is responsible for the Security Assurance of Products, Applications, and Infrastructure across the Group, reducing Information Security and Data risk and minimising business disruption. They will provide business-wide services to consistently deliver Security and Data controls that are in line with the organisation’s risk appetite and strategic direction.
The role has the following responsibilities.
Lead a high performing team of 29 Information Security Analysts and specialists, who operate as consultants to the wider business
Oversee the evolution of the Product Assurance Framework and all associated processes, to ensure Product Assurance services are delivered consistently across the business and Technology
Guide the development of products (internal or external) in a secure manner and in compliance with our policies, standards and regulations
Ensure technology is kept secure and compliant during its lifecycle
Act as a partner to the Tech senior leadership team, being a point of escalation, providing subject matter expertise and advice on all security-related matters, and providing a second line of defence through verification and validation of compliance activities
Identify, monitor, and reduce security vulnerabilities and risks
The role will require you to continually drive improvements within the team, measure and evolve our capability to ensure our services are delivered effectively and in line with Sainsbury’s future ways of working.
Manage the team consisting of 3 direct reports and 26 indirect reports, to provide security guidance as part of end-to-end product lifecycle management
Align team objectives to support the delivery of new initiatives using agile methodologies
Build and maintain strong senior stakeholder relationships within technology and the business and drive robust risk-based decision making
Provide subject matter expertise across the full security agenda and emerging technologies
Interface with business and third-party service providers. Hold them to account on security-related matters
Represent Information Security at Product and Tech Governance meetings, to report on security posture, risks and escalate concerns
Drive the remediation of Data Governance and Information Security Risks
Additional Responsibilities
Support Policy and Tech standards documentation, input with security expertise and ensure they align to Technological developments
Drive automation in reporting and provide insightful reports for key stakeholders including the Data Governance Committee and the Tech Leadership team
Provide oversight and challenge to key technology and service providers, with regards to security posture
Overarching Responsibilities
Responsible for all aspects of day-to-day information security management and adherence to a coordinated set of processes across all services, suppliers, and customers
Provide clear leadership, coaching, and engage teams to perform to a high standard
Support and input into the development of the Information Security Strategy
Engage with peers externally to continually understand the changing landscape of security
What you need to know and show
A passion for Technology and Information Security
Large team Leadership, line management and coaching experience
Excellent, proactive stakeholder management skills
Excellent interpersonal communication skills and able to effectively articulate in both technical and non-technical terms
Proven experience of planning, managing, and implementing complex security change programs with continuous improvements and delivering the highest quality results
Ability to balance strategic thinking with a pragmatic approach to ensuring delivery of work
CISSP or CISM or equivalent is essential. Computer Science degree nice to have but not essential.
Experience presenting and reporting on project plans and progress to appropriate stakeholders, executives, and senior management
Understanding of security and data related risks in a complex organisation (including regulatory requirements)
Drive, ambition, and enthusiasm
Has a high level of impact and influence and ability to deliver difficult messages
What decisions I can make
Recommendations to wider organisation on matters relating to information security
Assignment of colleagues to the various functions
Day to day decisions around team management and administration
Recruitment of new colleagues.
Resources available to me
Product Assurance Team of 29
Group CISO and Head of Data Governance
Head of Information Security
Head of Product Management
Data Protection Officer
Tech Leadership Team
Industry and national bodies
Third party service providers (as appropriate)
We are committed to being a truly inclusive retailer, so you’ll be welcomed whoever you are and wherever you work. Around here, there’s always the chance to try something new - whether that’s as part of an evolving team or somewhere else across the business - and we take development seriously and promise to support you. We also recognise and celebrate colleagues when they go the extra mile and, where possible, offer flexible working. When you join our team, we’ll also offer you an amazing range of benefits. Here are some of them:
Starting off with colleague discount, you'll be able to get 10% off at Sainsbury's, Argos, TU and Habitat after 4 weeks. This increases to 15% off at Sainsbury’s every Friday and Saturday and 15% off at Argos every pay day. We've also got you covered for your future with our pensions scheme and life cover. You'll also be able to share in our success as you may be eligible for a performance-related bonus of up to 65% of salary, depending on how we perform (in cash and shares).
Your wellbeing is important to us too. You'll receive an annual holiday allowance, and you can buy additional holiday. We also offer other benefits that will help your money go further such as season ticket loans, cycle to work scheme, health cash plans, pay advance (where you can access some of your pay before pay day) as well as access to a great range of discounts from hundreds of other retailers. You'll also receive a company car cash allowance unless you are going to travel 10,000 business miles in your role, then you'll be able to choose a car. And if you ever need it, there is also an employee assistance programme, and you will be eligible for private healthcare too.
Moments that matter are as important to us as they are to you which is why we give up to 26 weeks’ pay for maternity or adoption leave and up to 4 weeks’ pay for paternity leave.
Please see www.sainsburys.jobs for a range of our benefits (note, length of service and eligibility criteria may apply).