Mainframe Cyber Security Engineer - RACF

Tesco UK  •  Welwyn Garden City  •  Hybrid  •  Full-Time  •  Apply by 31-Jan-2026 About the role We are seeking a skilled Mainframe Security Engineer to join our team. As part of the Mainframe RACF Security team the ideal candidate will help ensure the security and integrity of our mainframe systems and involves implementing security measures, monitoring and remediation of vulnerabilities, and responding to security incidents. Protect critical data and maintain compliance with industry standards. What is in it for you We’re all about the little helps. That’s why we make sure our Tesco colleague benefits package takes care of you – both in and out of work. Click Here to find out more!   

• Annual bonus scheme of up to 20% of base salary 
• Holiday starting at 25 days plus a personal day (plus Bank holidays) 
• Private medical insurance 
• 26 weeks maternity and adoption leave (after 1 years’ service) at full pay, followed by 13 weeks of Statutory Maternity Pay or Statutory Adoption Pay, we also offer 6 weeks fully paid paternity leave 
• Free 24/7 virtual GP service, Employee Assistance Programme (EAP) for you and your family, free access to a range of experts to support your mental wellbeing 
• Help design, implement, and maintain security policies and procedures for mainframe systems.
• Monitoring mainframe security logs and alerts to detect and respond to potential security incidents.
• Recommend remediation strategies and remediate vulnerabilities.
• Participate in incident response activities, including investigation and reporting of security breaches.
• Collaborate with cross-functional teams to ensure security best practices are integrated into system development and operations.
• Create, review and maintain internal documentation (Run books, processes and procedures).
• Ability to meet assigned timelines and complete workloads within SLA.
• Help with daily monitoring of calls, for access requirements and requests, prioritise and provide support for user issues with access and system functionality.
• Review and Maintain Role Based Access Controls (RBAC), Privileged access, JML(Joiners/Leavers/Movers), Breakglass and Emergency processes.

You will be responsible for
You will need

• Extensive RACF & z/OS experience in mainframe security, including IBM z/OS, related technologies, and other z/OS components.
• SME RACF security product experience is vital.
• Extensive use of IBM z/Secure - including z/Alert, Command Verifier, Access Monitor, RACF Offline and CARLA reporting.
• Understanding of Role Based Access Controls (RBAC).
• Understanding of security framework protocols and compliance standards (e.g., NIST, ISO 27001, PCI-DSS, GDPR).
• Knowledge of ICFR controls - (previously Sarbanes-Oxley), security assessments and audits.
• Proficiency in security tools and technologies, such as intrusion detection systems, firewalls, and encryption methods for z/OS.
• Excellent analytical and problem-solving skills, and able to work under tight timescales.
• Superb communication both verbal and written, with the ability to convey complex security concepts to non-technical key players and others.
• Familiarity with programming languages such as REXX, COBOL, JCL, CLIST, ISPF etc

About us Our vision at Tesco is to become every customer's favourite way to shop, whether they are at home or out on the move. Our core purpose is ‘Serving our customers, communities and planet a little better every day’. Serving means more than a transactional relationship with our customers. It means acting as a responsible and sustainable business for all stakeholders, for the communities we are part of and for the planet.    We are proud to have an inclusive culture at Tesco where everyone truly feels able to be themselves. At Tesco, we not only celebrate diversity, but recognise the value and opportunity it brings. We're committed to creating a workplace where differences are valued, and make sure that all colleagues are given the same opportunities. We’re proud to have been accredited Disability Confident Leader and we’re committed to providing a fully inclusive and accessible recruitment process. For further information on the accessibility support we can offer, please click here.    We’re a big business and we can offer a range of diverse full-time & part-time working patterns across our many business areas, which means that we can find something that works for you.  We work in a more blended pattern - combining office and remote working.  Our offices will continue to be where we connect, collaborate and innovate.  If you are applying internally, please speak to the Hiring Manager about how this can work for you - Everyone is welcome at Tesco.