Sunday, May 19 2024

Jobs at Asos – Cyber Security Incident Response Analyst

Website Asos

Job Description:

The role sits in the Cyber Security Incident Response Team (CSIRT) within our Cyber department. ASOS is a leader in online fashion retailing, which makes it a global target for cyber threats. ASOS faces a challenging cyber-attack landscape pursued by an intelligent and evolving enemy.

This is a hands-on role with opportunities to grow into a tech lead/SME. The successful candidate is expected to detect and respond to cyber-security incidents as well as perform digital forensics analysis. We are looking for a person who wants to grow their skills and experience. You will have the opportunity to work with, and learn from, our most experienced team members as part of your continuous development. When not responding to incidents, you will be working to build in-house incident response capabilities, which will include: building and developing cyber-response tools, authoring and adapting runbooks/playbooks, assessing incident response maturity, and assisting in table-top cyber-scenario exercises.

Job Responsibilities:

  • Constantly reduce time to Detection/Response/Mitigation (TTD, TTR, TTM).
  • Cross-reference information from different security controls and collaborate with relevant teams and third parties to run analyses that reach accurate findings.
  • Research new detection rules for new threats and constantly improve current detection rules for known threats to capture attack mutations across multiple security controls.
  • Drive implementation of incident aftermath actions to prevent recurring attacks.
  • Devise response procedures to mitigate and contain detected cyber-attack vectors across multiple security controls.
  • Detect and respond to cyber incidents affecting business operations.
  • Support mitigation and containment of extended cyber incidents that run outside working hours.
  • Run thorough investigations of external cyber threats throughout the incident response (IR) cycle to protect ASOS customers, employees and brand.
  • Run thorough internal investigations of insider threats, working on investigations into attempts at complex fraud or criminal activity in conjunction with the Physical Security and Fraud teams while collecting digital evidence suitable for prosecution in a court of law.
  • Deliver detailed, constructive and formatted IR reports documenting the detection and response, as required for internal stakeholders, external authorities (ICO, NCSC, NCA, etc.) and auditors.

Job Requirements:

  • Works well in a fast-changing environment with interfaces to both internal and external teams.
  • The right mindset: think as a cyber-criminal would, be suspicious, and try to prove the unobvious. Occasionally, data presented in one system can be deceiving or tampered with by an attacker; a responder would use all the tools within reach to investigate.
  • Highly analytical, with the ability to understand data flows and access mechanisms and to draw conclusions. We are looking for the right mindset and analytical ability much more than knowledge.
  • Independent and self-motivated to overcome new challenges, often cases that no one internally has ever faced before.
  • Strong verbal and written English communication skills.
  • Team player – IR is a team effort by definition and not a ‘one man show’.

Job Details:

Company: Asos

Vacancy Type: Full Time

Job Location: Dundee, Scotland, UK

Application Deadline: N/A
