We’re ASOS, the online retailer for fashion lovers all around the world.
We exist to give our customers the confidence to be whoever they want to be, and that goes for our people too. At ASOS, you’re free to be your true self without judgement, and channel your creativity into a platform used by millions.
But how are we showing up? We’re proud members of Inclusive Companies, are Disability Confident Committed and have signed the Business in the Community Race at Work Charter and we placed 8th in the Inclusive Top 50 Companies Employer list.
Everyone needs some help showing up as their best self. Let our Talent team know if you need any adjustments throughout the process in whatever way works best for you.
Job Description
As an experienced Threat & Vulnerability Senior Analyst, you will help drive identification and remediation of security threats and vulnerabilities to protect business operations across our technical teams.
This is a critical role responsible for overseeing and contributing to the successful execution of technical security remediation activities and initiatives within the business. The role will interface between the wider technology teams and our cyber security team, including our third-party partners, overseeing triage, tracking and remediation of security threats and vulnerabilities that effect the business.
We’re quite passionate about protecting our colleagues and the ASOS brand, so we would love someone who can thrive and develop on an ever growing and changing security landscape.
The Details:
Assist the Threat & Vulnerability Manager in the delivery of all ASM team services, providing guidance, support, and mentorship to more junior members of the team and maximise individual and team performance
Conduct vulnerability assessments both internally and externally, utilising vulnerability scanning and penetration testing tools and technologies
Identify, evaluate, and prioritise vulnerabilities based on the severity, exploitability, and potential impact on the organisation's infrastructure and systems
Work closely with technical delivery, DevOps and Platform teams to triage and remediate security threats and vulnerabilities, and promote SDLC policy and processes
Develop and execute vulnerability management programs, policies, and procedures to ensure continuous improvement in security posture
Perform risk assessments and provide actionable recommendations for the deployment of security controls and countermeasures in response to identified vulnerabilities
Collaborate with our MSSP partner and the incident response team in investigating and responding to security incidents, providing expertise and support in the utilisation of security technologies to identify, contain, and remediate threats
Qualifications
About you:
Proven experience working in vulnerability management
Working knowledge of OWASP, MITRE, CVSS and other standards/frameworks relevant to application security and vulnerability management
Proficient in using vulnerability scanning tools such as Nessus, Qualys, Rapid7, Wiz, OpenVAS, and penetration testing frameworks like Metasploit.
Knowledge of security and risk frameworks, plus regulatory compliance frameworks (e.g., PCI DSS, HIPAA, ISO 27001)
Relevant certifications like Certified Information Systems Security Professional (CISSP), Security+, CompTIA Cybersecurity Analyst (CySA+) or Certified in Cybersecurity (CC) are highly desirable
Strong analytical skills to prioritise vulnerabilities, assess risk, and recommend suitable mitigation strategies
Additional Information
BeneFITS’
Employee discount (hello ASOS discount!)
ASOS Develops (personal development opportunities across the business)
Employee sample sales
Access to a huge range of LinkedIn learning materials
25 days paid annual leave + an extra celebration day for a special moment
Discretionary bonus scheme
Private medical care scheme
Flexible benefits allowance - which you can choose to take as extra cash, or use towards other benefits
Your CV has been submitted successfully.
Complete form below to directly Send your CV / Linkedin Profile to Senior Threat & Vulnerability Analyst at ASOS.
@
You will receive all responses from employer on this email
Example: Application for the post of 'Accountant'
Example: Introduce your self and give purpose of your application
*All fields are mandatory.
Loading...
ASOS 110 jobs found
Senior Security Analyst (GRC) at ASOS
London, United Kingdom
Head of Financial Accounting and Change (12 month contract) at ASOS
London, United Kingdom
Senior Threat & Vulnerability Analyst at ASOS
London, United Kingdom
Assistant Buyer at ASOS
London, United Kingdom
Delivery Solutions Analyst at ASOS
London, United Kingdom
Martech Executive at ASOS
London, United Kingdom
Production Assistant - 12 month FTC at ASOS
London, United Kingdom
Social Content Lead at ASOS
London, United Kingdom
Senior Insight Analyst - Marketing at ASOS
London, United Kingdom
Senior Partnerships Producer - Maternity Cover at ASOS