Head of Security Operations

Company Description

We’re ASOS, the online retailer for fashion lovers all around the world.

We exist to give our customers the confidence to be whoever they want to be, and that goes for our people too. At ASOS, you’re free to be your true self without judgement, and channel your creativity into a platform used by millions.

But how are we showing up? We’re proud members of Inclusive Companies, are Disability Confident Committed and have signed the Business in the Community Race at Work Charter and we placed 8th in the Inclusive Top 50 Companies Employer list.

Everyone needs some help showing up as their best self. Let our Talent team know if you need any adjustments throughout the process in whatever way works best for you.

Job Description

We are seeking a dynamic and experienced Head of Security Operations to lead and mature our security operations function. This pivotal role will be responsible for defining and driving the overall security operations strategy and lifecycle, ensuring the protection of our critical assets and data. The ideal candidate will possess deep expertise in vulnerability management, threat intelligence, security operations centre (SOC) management, and incident response. This leader will build and mentor high-performing teams, optimise processes, and proactively mitigate security risks in ASOS’s evolving environment.

Day to day:

1. Develop and implement a comprehensive security operations strategy aligned with the company's risk appetite and business objectives.
2. Define and maintain the security operations roadmap, prioritising initiatives and resource allocation.
3. Stay abreast of emerging threats, technologies, and industry best practices, and translate them into actionable strategies.
4. Provide leadership and direction to the leads of the functional areas.
5. Lead the Cyber Defence function that includes Security Operations, IAM, Vulnerability Management and Internal/ External Threat Intelligence capabilities.
6. Work closely with vendors and third parties that assist the functions performed by the ASOS Sec Ops team.
7. Be the main point of escalation for Cyber Defence issues within ASOS, overseeing and managing any Security Operational incidents and events.
8. Develop a threat intelligence strategy and continuous improvement plan to enhance and improve the Cyber Defence service.
9. Act as escalation for the SOC manager and oversee the overall efficiency of SOC and IR teams. Provide direction to align the teams towards proactive intelligence-led response and oversee simulation and red team exercises.

Qualifications

About You:

1. Significant experience in operational security, especially managing a Computer Incident Response Team (CIRT), Computer Emergency Response Team (CERT), Computer Security Incident Response Centre (CSIRC) or a Security Operations Centre (SOC).
2. Experience in industry standards and frameworks, such as ISO 27001, PCI DSS and NIST CSF.
3. Relevant experience of working in an operational security capacity.
4. Experience in security device management and SIEM.
5. Proven experience of Incident Management and Response.
6. In-depth knowledge of security concepts such as TTPs, threat vectors, risk management, incident management etc.
7. Experience in threat management.
8. Proficient in preparation of reports, dashboards, presentations and documentation.
9. Experience in getting the best from vendors.

Additional Information

Benefits:

1. Employee discount (hello ASOS discount!).
2. ASOS Develops (personal development opportunities across the business).
3. Employee sample sales.
4. Access to a huge range of LinkedIn learning materials.
5. 25 days paid annual leave + an extra celebration day for a special moment.
6. Discretionary bonus scheme.
7. Private medical care scheme.
8. Flexible benefits allowance - which you can choose to take as extra cash, or use towards other benefits.

Why take our word for it? Search #InsideASOS on our socials to see what life at ASOS is like.

Want to find out how we’re tech powered? Check out the ASOS Tech Podcast here ASOS Tech Podcast. Prefer reading? Check out our ASOS Tech Blog here ASOS Tech Blog.