Security Specialist (SOC & IR)

Job Description

Company Description

We’re ASOS, the online retailer for fashion lovers all around the world.

We exist to give our customers the confidence to be whoever they want to be, and that goes for our people too. At ASOS, you’re free to be your true self without judgement, and channel your creativity into a platform used by millions.

But how are we showing up? We’re proud members of Inclusive Companies, are Disability Confident Committed and have signed the Business in the Community Race at Work Charter and we placed 8th in the Inclusive Top 50 Companies Employer list.

Everyone needs some help showing up as their best self. Let our Talent team know if you need any adjustments throughout the process in whatever way works best for you.

Job Description

ASOS is recruiting for a Security Operations and Incident Response Specialist. This role will report into the SOC and IR Manager and be key to protecting ASOS from threat actors, whilst proactively improving the security posture of the organisation. This is a skilled role, requiring an excellent grasp of cloud native technologies with essential skills in at least one of the following areas: Network monitoring, Bot Protection technologies, O365 security, Microsoft Security Technologies and Tooling.

Job Role

• Endpoint monitoring and detailed alert triaging/response, following an incident through to resolution and root cause analysis,
• Malware Analysis and investigation,
• Alert fatigue initiatives and tuning,
• Act as a security SME for essential skills in one or more of the following areas: Network monitoring, Bot Protection technologies, O365 security, Microsoft Security Technologies and Tooling.
• Security Threat hunting across all of the department's technology estate to seek out areas of weakness, potential problems, and active threats,
• Contribute to processes and SOPS,
• Act as a point of escalation in the event of an incident, contributing to Major incident Management,
• Developing and mentoring junior team members to improve their skills and capabilities, along with wider knowledge transfer to other security and non-security teams to help build a culture of cyber security in departments.
• Maintain awareness of real-world cyber security threats and engage in the innovation of new analytic methods for detecting threats

Being part of Security Operations team, you will be required to do on call. This currently looks like 1 week out of every 5.

Qualifications

About you:

• Extensive experience in Incident Response in a Security Operations Team
• Experienced in mentoring/task managing team members in a Security Environment,
• Working knowledge of creating and tuning detection signatures, Indicators of Compromise (IOCs), and other content to detect malicious activity,
• Experience with Microsoft’s security stack and conducting investigations in-to possible threats, documenting all discovered IOCs.
• Experience in developing process based on previous investigations to help operations run more efficiently.
• Building automation playbooks to help build efficiency within the SOC.
• Committed to continuous learning and professional development, and passionate about developing others.

Additional Information

BeneFITS’

• Employee discount (hello ASOS discount!)
• ASOS Develops (personal development opportunities across the business)
• Employee sample sales
• Access to a huge range of LinkedIn learning materials
• 25 days paid annual leave + an extra celebration day for a special moment
• Discretionary bonus scheme
• Private medical care scheme