Cyber Security Incident Response Analyst hos ASOS.com


ASOS Technology is going through an exciting period of transition and major investment. – this includes a number of strategic programmes to deliver the amazing technology and business solutions to support our ambitious global growth plans. At the heart of these plans is the rebuilding of our digital platforms and channels to provide the best shopping experience for our customers. Our plan is designed to enable us to really put our mobile experience first, enable personalisation and support a data driven organisation. We are also making significant investments in all our Buying, Merchandising, Finance and People systems with the latest toolsets and applications to accelerate the next phase of our global growth. We are also improving our ways of working within Technology to enable autonomous platform development and improve our engineering and agile practices.

The role…

The role will be working in the Cyber Security Incident Response Team (CSIRT) within our Cyber department. ASOS is a leader in online fashion retailing which makes it a global target to Cyber threats. ASOS is facing a challenging Cyber attack landscape pursued by intelligent and evolving enemy.
This is a hands-on role with opportunities to grow into a tech lead/SME. The successful candidate is expected to detect and respond to cyber-security incidents as well as perform digital forensics analysis. In this role we are looking for a person who is looking to grow skills and experience. You will have the opportunity to work with, and learn from, our most experienced team members as part of your continuous development. When not responding to incidents, you will be working to build in-house incident response capabilities, which will include: building and developing cyber-response tools, authoring and adapting runbooks/playbooks, assessing the incident response maturity, and assisting in table-top cyber-scenario exercises.
The CSIRT will provide training and coaching to help you continually improve your skills. The Cyber department is geared up with the latest Cyber security controls and toolset to detect and respond to intrusions. You will be exploring and working with technology few global CSIRTs have ever engaged. Above all, ASOS is looking for someone who is passionate to be part of an A-team on a mission to defend business operations caused by Cyber attacks.

What you’ll be doing…

  • Detect and Respond to cyber incidents affecting business operations.
  • Run thorough investigations of external cyber threats throughout the incident response (IR) cycle to protect ASOS customers, employees and brand.
    Cross information from different security controls and collaborate with relevant teams and third parties to run analysis which reach accurate findings.
  • Run thorough internal investigations of insider threats, working on investigations into attempts at complex fraud or criminal activity in conjunction with the Physical Security and Fraud teams while collecting digital evidence applicable for prosecution in the court of law.
  • Deliver detailed, constructive and formatted IR reports documenting the detection & response required for internal stakeholders, external authorities (ICO, NCSC, NCA etc..) and auditors.
  • Constantly reduce time to Detection/Response/Mitigation (TTD TTR TTM).
  • Research new detection rules of newly threats and constantly improve current detection rules of known threats to capture attack mutations across multiple security controls.
  • Devise response procedures to mitigate and contain detected Cyber-attack vectors across multiple security controls.
  • Support mitigation and containment of extended Cyber incidents spanning off working hours.
  • Drive implementation of incidents aftermath to prevent reoccurring attacks.

Who we’d like…
  • Highly analytical person, ability to understand data flows, access mechanisms and infer conclusions. We are looking for the right mindset and analytical ability much more than knowledge.
  • The right mindset to think as a Cyber-criminal would do, be suspicious, try to prove the unobvious. Occasionally data presented in one system can be deceiving/tampered by an attacker – A responder would use all the tools in the reach to investigate.
  • Team player – IR is a team effort by definition and not a ‘one man show’.
  • Works well in fast changing environment with interfaces to both internal and external teams.
  • Independent and self-motivated to overcome new challenges, often cases which no one internally have ever faced before.
  • Highly verbal and written English communications skills.
  • Assertive and charismatic to convey digital findings and thoughts.
  • Hands on - Coming across new systems is an everyday task which requires dynamic and adaptive person with a “can do” attitude to explore ways of getting the necessary data. The position is not suitable for people who are intimidated investigating on new systems/platforms or frequently working with new teams.
  • Flexible and multitasking, able to cope with changes in assignments.
  • Discipline diligence and accuracy is what we look for.
  • Integrity – dealing with sensitive cyber security incidents requires facing both good and bad points when operating in an IR team, mistakes are made however it is crucial to report and communicate to prevent sever business impact.
  • Working under pressure during unusual hours.

Additionally, …

The successful candidate will demonstrate competency in computing and networks as well as in cyber-security either by having either a relevant work experience, completed a degree or obtained industry relevant certification. Therefore, the qualifications below should be seen as means to demonstrate competency and not as a requirement. The desired skill and qualification are provided below:
  • Excellent communication skills (English proficient both written and oral).
  • Working programming skill-set to be able to author and develop tools. Most in-house security tools are written in PowerShell, but we accept that a competent programmer will be able to transfer skillsets across languages.
  • Technical understanding in at least one of these areas: Endpoint security/Network security/Log analysis/Linux or Mac or Unix operating system forensics/Memory forensics/Dynamic malware analysis.
  • Strong IT and network understanding – knowledge of common enterprise technologies –Windows Active Directory, GPO, etc.

What’s in it for you…
  • A truly unique and agile working environment where you’ll be surrounded by a diverse range of passionate experts, with two common interests: technology & innovation
  • Generous salary, bonus and pension matching
  • Life insurance, free private medical care, cycle to work scheme + more
  • Huge staff discounts and sample sales
  • A bespoke flexible benefits scheme catered to you
  • 25 days holiday + never work on your birthday again!
  • Tech Develops days– one day per month dedicated to developing yourself and developing others within Tech
  • Best in class Learning & Development schemes and career development programmes
  • Free modern onsite gym, plus personal training and wellness rooms
  • Tech Presents days- breakfast mornings to collaborate and share your work with other teams
  • A dynamic social environment, from company-wide sports days, charity days, ‘Give A Week Away’ opportunities to visit our charity partners in India, company-wide celebrations across Christmas and Summer to name just a few
  • Plus much more…

Technology at ASOS
ASOS is the UK’s number one fashion and beauty destination, expanding globally at a rapid pace. Technology is at heart of this business growth and by delivering incredible solutions we are able to pioneer the technical innovation needed to keep our 20-something market engaged, the cloud-based architecture to support our global reach and the agile engineering methods to deliver value fast.
#LI-BR1

Husk at nævne, at du fandt dette opslag på AU Job- og Projektbank