Tesco

CYBER RISK AND ASSURANCE MANAGER

Tesco  •  Czechia (Hybrid)  •  2 hours ago

Job Description

Tesco • Czech Republic • Hybrid • Full-Time • Permanent • Working hours: 40 • Apply by 31-Dec-2026

About the role

This is a fantastic opportunity to join Tesco's Cyber Assurance team, part of the wider Cyber Risk function. The Cyber Assurance team is our second line in Technology working with stakeholders to ensure the implementation of proportionate controls to mitigate Tesco's cyber risk exposure. We also support Tesco in meeting (cyber) regulatory obligations across our operating countries.

[This role requires written and verbal fluency in Czech/Slovak and English]




What is in it for you

Tesco is a diverse and exciting employer, dedicated to being #aplacetogeton, providing career-defining opportunities to all of our colleagues. If you choose to join our business, we will provide you with:

  • Yearly salary bonus - based on both individual and business performance
  • Sick leave compensation
  • 1 extra week of annual leave above your legal entitlement of 4 weeks, to support your well-being and family life
  • Pension insurance contribution
  • Cafeteria benefit system & Multisport card
  • Training and Development Plan, supported by certified training and learning platforms like Udemy, Udemy Pro and LinkedIn
  • Referral Bonus
  • Flexible work time
  • With our Tesco Colleague Clubcard you and your family can enjoy a 15% discount on in-store and online shopping
  • Meal allowances
  • Virtual doctor and Employee assistance program to support colleagues' wellbeing

You will be responsible for
  • Carry out cyber assurance and compliance initiatives independently, ensuring quality and timely delivery.
  • Perform risk-based controls testing across security domains utilising our internal security framework which is aligned with industry-recognised security frameworks (e.g., ISO 27001, NIST CSF, CIS) to determine control effectiveness and provide implementable recommendations.
  • Review and validate evidence provided by Cyber Security/Technology teams as part of control assurance activities, ensuring completeness and compliance with regulatory and industry standards.
  • Collaborate with Cyber Security and Technology teams to drive remediation of identified control gaps and ensure implementation of cyber security safeguards to improve security posture across the organisation.
  • Maintain up-to-date knowledge of information/cyber security and resilience related laws and regulatory requirements, and how they apply to Tesco's operating countries.
  • Support compliance programs such as NIS2, GDPR and PCI DSS, including performing gap assessments, evidence reviews, and reporting.
  • Support reporting across different Cyber Assurance initiatives, including reporting to Cyber Security Leadership and Cyber/Technology governance committees.
  • Identify, drive, and implement opportunities for process improvement across various initiatives within the Cyber Assurance team.
  • Build strong relationships with the stakeholders and lead meetings with Technology and Business Process teams.
  • Stay updated on evolving regulatory requirements and industry best practices and provide insights to management to continuously enhance the organisation's assurance posture.



You will need

Operational skills relevant for this job:

  • Critical thinking with strong attention to detail and good organisational skills
  • Strong written, verbal communication and presentation skills, working with all levels of seniority and disciplines within the organisation
  • Able to build solid working relationships with peers as well as internal and external stakeholders
  • At least one professional qualification such as CISA, CISM, CISSP or equivalent
  • Fluent in Czech/Slovak and English (verbal and written)

Experience relevant for this job:

  • IT audit and/or IT risk management, with examples of delivering and managing cyber risk and IT compliance activities within an organisation (e.g. regulatory audits, PCI assessments, ISO audits)
  • Experience of assessing security controls across a variety of technologies and products, recommending improvements where necessary
  • Experience and knowledge of information security related laws and regulations such as NIS/NIS2 and GDPR
  • Experience conducting security assessments utilising different security frameworks and standards such as ISO 27001, NIST CSF, CIS


About us
Tesco Technology was established in Prague to support Tesco’s retail business in Central Europe and across the Tesco Group. What began as a regional center over 25 years ago has evolved into a modern, forward-thinking team, driving innovation and digital transformation throughout the region.
With operations in the UK, Ireland, India, Hungary, Poland, and the Czech Republic, we’re committed to delivering great value to our customers every day.
Let’s {code} the future together at {Tesco Technology}!

About Tesco

One of the world’s largest retailers of consumer goods from food to fashion. Serving our customers, communities and planet a little better every day in our stores and online is at the heart of everything we do.

Founded in 1919 by Jack Cohen using the £30 he received on leaving the Royal Flying Corps, we’ve come a long way from his small market stall in East London. Today over 400,000 colleagues work across our stores, office, distribution and customer engagement centres in the UK, Europe and Asia.

Share our passion for the people, products and places that make us great, and we can offer the right support to develop your skills. If you’re looking for the perfect work-life balance, a collaborative culture and flexible ways of working, find your opportunity to get on at www.tesco-careers.com

Industry: Retail & Ecommerce
Company Size: 10,000+ employees
Headquarters: Welwyn Garden City, GB
Year Founded: Unknown
Website: tesco.com