Security Specialist (Offensive) - Security Operations, Belfast
Client: ASOS
Location: Belfast, United Kingdom
Job Category: Other
EU work permit required: Yes
Job Reference: 1c4b3002ea26
Job Views: 10
Posted: 26.04.2025
Expiry Date: 10.06.2025
Job Description
ASOS is recruiting for an Offensive Security Specialist within the SOC. This role will report into the SOC and IR Manager. The role involves leading offensive security assessments to strengthen defence capabilities for ASOS. Working closely with cyber teams, you'll identify security weaknesses, validate detection mechanisms, and provide actionable recommendations to enhance our security posture. You will contribute to the SOC team’s ongoing validation and improvement of security controls and detection capabilities.
The role will involve the following:
1. Threat Hunting: Proactively searching for signs of malicious activity within the network, identifying threats that might go undetected by automated systems.
2. Penetration Testing: Simulating real-world attacks to test the effectiveness of security controls and identify weaknesses.
3. Red Teaming: Engaging in adversarial simulations to assess the organisation's overall security posture and identify areas for improvement.
4. Collaboration with Defensive Teams: Working closely with defensive security teams to share insights, improve detection capabilities, and enhance incident response processes.
5. Developing Offensive Security Strategies: Designing and implementing strategies to proactively identify and mitigate security risks.
6. Endpoint Monitoring: Contributing to incident resolution and root cause analysis.
7. Malware Analysis and Investigation:
8. Process and SOP Development:
9. Mentoring: Developing and mentoring junior team members and sharing knowledge across teams to foster a cybersecurity culture.
10. Threat Awareness and Innovation: Staying informed about cyber threats and innovating analytic methods for proactive detection.
11. On-Call Duties: Participating in a 4-week on-call rota for escalated security incidents, ensuring prompt response to emergencies.
Qualifications - About You
* Relevant industry certifications such as GPEN, OSCP, OSCE, CRTO, CRTP, PNPT, and experience with frameworks like MITRE ATT&CK/D3FEND.
* Experience in penetration testing, ethical hacking, red team methodologies, and tools.
* Ability to communicate findings and remediation strategies effectively to both technical and non-technical audiences.
* Strong problem-solving and leadership skills, with good interpersonal abilities.
* Knowledge of creating and tuning detection signatures, Indicators of Compromise (IOCs), and other malicious activity detection content.
* Preferred experience with Microsoft’s security stack.
* Commitment to continuous learning, professional development, and knowledge sharing.
Additional Information - Benefits
* Employee discount (hello ASOS discount!)
* Personal development opportunities through ASOS Develops
* Employee sample sales
* Access to LinkedIn Learning resources
* 25 days paid annual leave plus a celebration day
* Discretionary bonus scheme
* Private medical care scheme
#J-18808-Ljbffr