The following job is no longer available:
Senior Security Analyst (GRC)
Senior Security Analyst (GRC)
Senior Security Analyst (GRC)
Posted a month ago
- London, Greater London
- Any
- External
- Expired - 2 months ago
ASOS Discover the latest fashion trends with ASOS. Shop the new collection of clothing, footwear, accessories, beauty products and more. Order today from ASOS.
View company page
We're ASOS. We blend our flair for fashion with our love of cutting-edge technology, but more importantly were interested in how we can bring the best out of you.We exist to give people the confidence to be whoever they want to be, and that goes for our people too. At ASOS, you're free to be your true self without judgment, and channel your creativity into a platform used by millions.Through ourFashion with Integrity strategy we are driving diversity, equity and inclusion across every aspect of ASOS and ensuring every ASOSer can be their authentic self at work. We want our people to be whoever they want to be, because we believe people who bring their best selves to work, do their best work.Job DescriptionAn exciting opportunity has arisen for a Senior Security Analyst to join the ASOS Governance Risk and Compliance (GRC) Team in Cyber Security.Reporting to the Information Security, Governance, Risk and Compliance Manager, this role will assist in the development, enhancement and execution of ASOS’s information security risk and compliance function. This will include activities such as helping to maintain our compliance with the Payment Card Industry Data Security Standard (PCI DSS), maintenance of our security policies and standards, and managing third-party supplier risk. We’re passionate about protecting our colleagues and the ASOS brand, so we would love someone who can thrive and develop in an ever growing and changing security landscape.You will need to operate at several different levels: from being a team player in the GRC team, working alongside the wider Cyber Security Team and helping other colleagues in all ASOS business areas with their risk and compliance requirements.Key ResponsibilitiesResponsibilities include, although not limited to:Management and maintenance of ASOS compliance projects and certifications (e.g. PCI DSS and ISO 27001), including co-ordination of internal audit activitiesAssist in maintaining the CISO’s cyber security risk registers and conduct cyber security risk assessments/risk workshops as requiredManagement and tracking of corrective action plans for security audit findings, standards exceptions and control deficienciesSupporting other Cyber Security Teams and ASOS business areas with their risk and compliance requirementsAuthorship and maintenance of ASOS security policies and standardsManagement and support for the security assessment of third-party suppliers using ASOS third-party risk management platformWhat Success Looks LikeBeing an integral member of the GRC Team to support the smooth running of GRC activitiesBuilding effective relationships across ASOS business areasProviding mentorship and guidance to junior GRC Team membersQualificationsThe successful candidate will demonstrate competency in cyber security by having either the relevant work experience, completed a degree or obtained industry relevant certifications (e.g. CISSP, CISM, CISA, CRISC)Experience in industry standards and frameworks, such as ISO 27001, PCI DSS and NIST CSFGood knowledge of applicable data privacy practices and laws (e.g. DPA, GDPR)Broad knowledge around network technologies (especially cloud ) and technical securityExcellent organizational skills to plan and manage multiple projects across the businessAnalytical, problem solving and detail-oriented, with a proven ability to multi-task conflicting prioritiesStrong communication and presentation skills and ability to influence at all levels of an organisationAdditional InformationWhat’s in it for you?ASOS Develops (personal development opportunities across the business)Employee sample salesAccess to a huge range of LinkedIn learning materials25 days paid annual leave + an extra celebration dayDiscretionary performance related bonus schemePrivate medical care schemeFlexible benefits allowance - which you can choose to take as extra cash, or use towards other benefitsExplore more InfoSec / Cybersecurity career opportunitiesFind even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
#J-18808-Ljbffr
View company page
We're ASOS. We blend our flair for fashion with our love of cutting-edge technology, but more importantly were interested in how we can bring the best out of you.We exist to give people the confidence to be whoever they want to be, and that goes for our people too. At ASOS, you're free to be your true self without judgment, and channel your creativity into a platform used by millions.Through ourFashion with Integrity strategy we are driving diversity, equity and inclusion across every aspect of ASOS and ensuring every ASOSer can be their authentic self at work. We want our people to be whoever they want to be, because we believe people who bring their best selves to work, do their best work.Job DescriptionAn exciting opportunity has arisen for a Senior Security Analyst to join the ASOS Governance Risk and Compliance (GRC) Team in Cyber Security.Reporting to the Information Security, Governance, Risk and Compliance Manager, this role will assist in the development, enhancement and execution of ASOS’s information security risk and compliance function. This will include activities such as helping to maintain our compliance with the Payment Card Industry Data Security Standard (PCI DSS), maintenance of our security policies and standards, and managing third-party supplier risk. We’re passionate about protecting our colleagues and the ASOS brand, so we would love someone who can thrive and develop in an ever growing and changing security landscape.You will need to operate at several different levels: from being a team player in the GRC team, working alongside the wider Cyber Security Team and helping other colleagues in all ASOS business areas with their risk and compliance requirements.Key ResponsibilitiesResponsibilities include, although not limited to:Management and maintenance of ASOS compliance projects and certifications (e.g. PCI DSS and ISO 27001), including co-ordination of internal audit activitiesAssist in maintaining the CISO’s cyber security risk registers and conduct cyber security risk assessments/risk workshops as requiredManagement and tracking of corrective action plans for security audit findings, standards exceptions and control deficienciesSupporting other Cyber Security Teams and ASOS business areas with their risk and compliance requirementsAuthorship and maintenance of ASOS security policies and standardsManagement and support for the security assessment of third-party suppliers using ASOS third-party risk management platformWhat Success Looks LikeBeing an integral member of the GRC Team to support the smooth running of GRC activitiesBuilding effective relationships across ASOS business areasProviding mentorship and guidance to junior GRC Team membersQualificationsThe successful candidate will demonstrate competency in cyber security by having either the relevant work experience, completed a degree or obtained industry relevant certifications (e.g. CISSP, CISM, CISA, CRISC)Experience in industry standards and frameworks, such as ISO 27001, PCI DSS and NIST CSFGood knowledge of applicable data privacy practices and laws (e.g. DPA, GDPR)Broad knowledge around network technologies (especially cloud ) and technical securityExcellent organizational skills to plan and manage multiple projects across the businessAnalytical, problem solving and detail-oriented, with a proven ability to multi-task conflicting prioritiesStrong communication and presentation skills and ability to influence at all levels of an organisationAdditional InformationWhat’s in it for you?ASOS Develops (personal development opportunities across the business)Employee sample salesAccess to a huge range of LinkedIn learning materials25 days paid annual leave + an extra celebration dayDiscretionary performance related bonus schemePrivate medical care schemeFlexible benefits allowance - which you can choose to take as extra cash, or use towards other benefitsExplore more InfoSec / Cybersecurity career opportunitiesFind even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
#J-18808-Ljbffr
.webp "Apply4U | Sign Up")
.webp "Apply4U | Contact Us")
.webp "Apply4U | Sign up")
