As one of our Security Engineers, you are passionate about security and great engineering practices. You will join a multidisciplinary team, working together with other Security Engineers, Product Managers, and Security teams. As an Engineer, you will help design, build, and deliver secure, high-quality enterprise solutions across numerous initiatives within the organization, building upon and spreading your security knowledge to an ever-expanding engineering community, increasing our security posture and helping identify and reduce our risk exposure when deploying systems and infrastructure.
You will utilize your experience in systems, network, endpoints, and infrastructure security to reduce our risk exposure in our Offices, Warehouses, Operational Tech, and Cloud landscape. You will help drive projects that improve asset discovery and monitoring across a broad range of environments. You will bring to the team a solid understanding of network and operational technologies and the security risks associated with them. You will help design and build solutions that will increase the security of our warehouses and physical premises as well as contribute to other security engineering projects and initiatives, broadening your skillset and exposure to other aspects of Security.
This is not primarily a hands-on networking role but would suit someone looking to move from hands-on to more strategic design and consultation. You would need proven hands-on experience; however, will not be afraid to get stuck into projects if applicable.
Responsibilities
Support with Security Risk Assessments across our premises (incl. Threat Modelling, Attack Surface Analysis) Drive projects that improve asset discovery and monitoring across a broad range of environments Drive security risk decisions and influence technical architecture Produce and Deliver Security Training and Standards around Security Best Practices and risk reduction Be willing to create and make use of automations, policies, and scripts to support Security initiatives Understand industry regulations and compliance such as GDPR & PCI-DSS and how that applies to infrastructure Articulate mitigation and development techniques around emerging threats to technical and non-technical stakeholders Experience or interest in broadening skillset into asos.com traffic engineering / bot control, email security, and zero trust approaches About you:
Experience with identifying risks and securing Infrastructure, Operational Tech, and/or Warehouse technologies Strong experience with software/infrastructure engineering practices and processes A passion for Security and a strong understanding of good security practices An understanding of endpoint protection and network security Experience building applications, scripts, pipelines, or automation using modern technologies and languages such as PowerShell, YAML, Python, C#, Java, Docker, Kubernetes, Terraform, and IAC Understanding of regulatory compliance and industry standards such as NIST CSF, NIST SP 800-82r3, IEC 62443 BeneFITS
Employee discount (hello ASOS discount!) ASOS Develops (personal development opportunities across the business) Employee sample sales Access to a huge range of LinkedIn learning materials 25 days paid annual leave + an extra celebration day for a special moment Discretionary bonus scheme Private medical care scheme Flexible benefits allowance - which you can choose to take as extra cash, or use towards other benefits
#J-18808-Ljbffr
Support with Security Risk Assessments across our premises (incl. Threat Modelling, Attack Surface Analysis) Drive projects that improve asset discovery and monitoring across a broad range of environments Drive security risk decisions and influence technical architecture Produce and Deliver Security Training and Standards around Security Best Practices and risk reduction Be willing to create and make use of automations, policies, and scripts to support Security initiatives Understand industry regulations and compliance such as GDPR & PCI-DSS and how that applies to infrastructure Articulate mitigation and development techniques around emerging threats to technical and non-technical stakeholders Experience or interest in broadening skillset into asos.com traffic engineering / bot control, email security, and zero trust approaches About you:
Experience with identifying risks and securing Infrastructure, Operational Tech, and/or Warehouse technologies Strong experience with software/infrastructure engineering practices and processes A passion for Security and a strong understanding of good security practices An understanding of endpoint protection and network security Experience building applications, scripts, pipelines, or automation using modern technologies and languages such as PowerShell, YAML, Python, C#, Java, Docker, Kubernetes, Terraform, and IAC Understanding of regulatory compliance and industry standards such as NIST CSF, NIST SP 800-82r3, IEC 62443 BeneFITS
Employee discount (hello ASOS discount!) ASOS Develops (personal development opportunities across the business) Employee sample sales Access to a huge range of LinkedIn learning materials 25 days paid annual leave + an extra celebration day for a special moment Discretionary bonus scheme Private medical care scheme Flexible benefits allowance - which you can choose to take as extra cash, or use towards other benefits
#J-18808-Ljbffr
