ASOS • London, United Kingdom

Senior Security GRC Specialist

Job Description

Company Description

We're ASOS. We blend our flair for fashion with our love of cutting-edge technology, but more importantly we're interested in how we can bring the best out of you.

We exist to give people the confidence to be whoever they want to be, and that goes for our people too. At ASOS, you're free to be your true self without judgment, and channel your creativity into a platform used by millions.

Through our Fashion with Integrity strategy we are driving diversity, equity and inclusion across every aspect of ASOS and ensuring every ASOSer can be their authentic self at work. We want our people to be whoever they want to be, because we believe people who bring their best selves to work, do their best work.

Job Description

An exciting opportunity has arisen for a Senior Security GRC Specialist to join the ASOS Governance Risk and Compliance (GRC) team in Cyber Security.

Reporting to the Security Governance, Risk and Compliance Manager, this role will assist in the development, enhancement and execution of ASOS’s information security risk and compliance function. This will include activities such as helping to maintain our compliance with the Payment Card Industry Data Security Standard (PCI DSS), maintenance of our security policies and standards, and managing third-party supplier risk. The role will also provide subject matter expert knowledge and support on security risk management. We’re passionate about protecting our colleagues and the ASOS brand, so we would love someone who can thrive and develop in an ever-growing and changing security landscape.

You will need to operate at several different levels: from being a team player in the GRC team, to working alongside the wider Security team, to helping other colleagues in all ASOS business areas with their risk and compliance requirements.

Key Responsibilities

Responsibilities include, although not limited to:

  • Management and maintenance of ASOS compliance projects, including co-ordination of audit activities
  • Assist in maintaining the CISO’s security risk registers and conduct security risk assessments/risk workshops as required
  • Management and support for the security assessment of third-party suppliers using the ASOS third-party risk management platform
  • Management and tracking of corrective action plans for security audit findings, standards exceptions and control deficiencies
  • Supporting other Security teams and ASOS business areas with their risk and compliance requirements
  • Authorship and maintenance of ASOS security policies and standards

What Success Looks Like

  • Being an integral member of the GRC team to support the smooth running of GRC activities
  • Building effective relationships across ASOS business areas
  • Providing mentorship and guidance to junior GRC team members

Qualifications

  • The successful candidate will demonstrate competency in security through relevant work experience, a completed degree or industry-relevant certifications (e.g. CISSP, CISM, CISA, CRISC)
  • Experience in industry standards and frameworks, such as ISO 27001, PCI DSS and NIST CSF
  • Good knowledge of applicable data privacy practices and laws (e.g. DPA, GDPR)
  • Broad knowledge around network technologies (especially cloud) and technical security
  • Excellent organisational skills to plan and manage multiple projects across the business
  • Analytical, problem-solving and detail-oriented, with a proven ability to multi-task across conflicting priorities
  • Strong communication and presentation skills and ability to influence at all levels of an organisation

Additional Information

BeneFITS

  • Employee discount (hello ASOS discount!)
  • ASOS Develops (personal development opportunities across the business)
  • Employee sample sales
  • Access to a huge range of LinkedIn learning materials
  • 25 days paid annual leave + an extra celebration day for a special moment
  • Discretionary bonus scheme
  • Private medical care scheme
  • Flexible benefits allowance - which you can choose to take as extra cash, or use towards other benefits

Company benefits

25 days annual leave + bank holidays
401K
Accrued annual leave – Max 5 days to carry over
Adoption leave – 26 weeks enhanced pay
Annual bonus
Annual pay rises
Bike parking
Birthday off
Buy or sell annual leave
Cinema discounts
Coffee discounts
Company freebies
Compassionate leave
Critical Illness Insurance
Dental coverage
Early finish Fridays
Emergency leave
Employee assistance programme
Employee discounts
Enhanced maternity leave – 26 weeks enhanced pay
Enhanced paternity leave – 8 weeks enhanced pay
Enhanced pension match/contribution
Enhanced sick days
Enhanced sick pay
Eye Care Support
Faith rooms
Family health insurance
Fertility benefits
Financial coaching
Further education support
Gym membership
Hackathons
Health insurance
In house training
On-site catering
On-site massages
On-site workout classes
On-site yoga classes
Learning platform
Life assurance
Mental health first aiders
Mental health platform access – Access to EAP (Unum)
Mentoring
Neo-natal leave – 16 weeks leave
On-site gym
On-site wellness room
Open to compressed hours
Open to part time work for some roles
Open to part-time employees
Personal development days
Pregnancy loss leave – 10 days paid leave
Private GP service
Professional subscriptions
Referral bonus
Religious celebration leave
Restaurant discounts
Sabbaticals
Salary sacrifice
Shared parental leave – 26 weeks enhanced pay
Skilled worker visas
Study support
Teambuilding days
Time off in-lieu
Travel loan
Volunteer days
Summer hours

Working at ASOS

Company employees:

3,000

Gender diversity (m:f):

35:65

Hiring in countries

Türkiye

United Kingdom
