Job Description
As one of our Security Engineers, you are passionate about security and great engineering practises. You will join a multidisciplinary team, working together with other Security Engineers, Product Managers and Security teams. As an Engineer, you will design, build and deliver secure, high-quality enterprise solutions across numerous initiatives within the organisation, spreading your security knowledge to an ever-expanding engineering community, increasing our security posture and helping identify and reduce our risk exposure when building applications.
Your primary focus is to safeguard software applications from potential threats and breaches. You work as a bridge between security and engineering, ensuring that applications are designed, developed, and deployed in a secure manner. You will create and drive the security community of practise, engaging with your colleagues and creating valueable programmes that raise security awareness and expertise, scaling security practises and knowledge across the organisation. Your impact will be felt within Cyber Security and wider by our tech communities, engineers and operations teams.
Responsibilities
* Drive security efforts across ASOS Engineering (SecDevOps, Secure SDLC)
* Drive security risk decisions and influence technical architecture
* Build and lead our Security Community of Practise
* Lead Application Security Assessments (incl. Threat Modelling, Attack Surface Analysis, Application Security Architecture Reviews and Security Code Reviews)
* Play a role in proactively identifying potential security risks, developing mitigation strategies, and ensuring that security measures are incorporated right from the beginning of the application development process
* Produce and Deliver Security Training around Security Best Practices.
* Helping teams implement Cryptography correctly, in line with ASOS and industry standards
* Ability to articulate mitigation and development techniques around emerging threats to technical and non-technical stakeholders
* Support with risk assessments and vulnerability assessments to identify potential security gaps or weaknesses in existing technologies
* Utilise your strong coding and engineering skills to help create new tools and applications within the security space.
#J-18808-Ljbffr