Senior Security Engineer

As one of our Security Engineers you are passionate about security and great engineering practises.  You will join a multidisciplinary team working together with other Security Engineers Product Managers and Security teams.  As an Engineer you will design build and deliver secure highquality enterprise solutions across numerous initiatives within the organisation spreading your security knowledge to an everexpanding engineering community increasing our security posture and helping identify and reduce our risk exposure when building applications.  

You will use your strong software/platform engineering skillset to help design and build tooling and integrations across a wide range of areas.  You will gain deep knowledge on automated security tools and support the delivery and maintenance of these tools to empower engineers to build high quality secure applications with minimal disruption to their delivery.  Your impact will be felt within Cyber Security and wider by our tech communities engineers and operations teams. 

Responsibilities 

• Drive security efforts across ASOS Engineering (SecDevOps Secure SDLC) through building scalable security tool integrations into the developers workflow. 
• Provide documentation training guidance and support to teams using our tools. 
• Develop tools services and scripts to support with internal Security projects. 
• Support with security risk decisions and influence technical architecture. 
• Support with Application Security Assessments (incl. Threat Modelling Attack Surface Analysis Application Security Architecture Reviews and Security Code Reviews) where required. 
• Support with security training around Security Best Practices. 
• Understand and support teams with adherence to regulations (e.g. GDPR PCIDSI) 
• Defining and explaining security nonfunctional requirements for development teams. 
• Ability to articulate mitigation and development techniques around emerging threats to technical and nontechnical stakeholders 
• Work with other Security Engineers on collaborative projects and deliverables that support other Security & Fraud functions and business needs. 
• Stay updated on emerging security threats industry trends and evolving technologies. 

Qualifications :

About You 

• Experience in Cloud Security Platform Engineering Software Engineering or related fields with an emphasis on automation DevOps practices and tooling.
• Strong background in scripting and automation within a DevOps or continuous delivery environment.
• Solid understanding of key security scanning practices including static and dynamic analysis dependency and infrastructure scanning and credential detection.
• Handson experience implementing application security tools and practices.
• Experience developing applications scripts pipelines or automation using modern programming languages containerization and orchestration tools.
• Good grasp of objectoriented programming principles and commonly used programming languages.
• Familiarity with APIs including REST and GraphQL.
• Strong communication and collaboration skills.
• Experience working within agile methodologies and an understanding of the software development lifecycle including secure development practices.
• Knowledge of DevOps/DevSecOps principles security best practices and fostering a culture of security within development teams.

Additional Information :

BeneFITS 

• Employee discount (hello ASOS discount!) 
• ASOS Develops (personal development opportunities across the business) 
• Employee sample sales  
• Access to a huge range of LinkedIn learning materials 
• 25 days paid annual leave an extra celebration day for a special moment 
• Discretionary bonus scheme  
• Private medical care scheme 
• Flexible benefits allowance which you can choose to take as extra cash or use towards other benefits 

Remote Work :

No

Employment Type :

Fulltime