At a Glance
- Tasks: Lead offensive security assessments and enhance ASOS's cyber defence capabilities.
- Company: Join ASOS, a global fashion retailer committed to inclusivity and creativity.
- Benefits: Enjoy employee discounts, personal development opportunities, and 25 days paid leave.
- Why this job: Make a real impact in cybersecurity while working in a supportive and innovative environment.
- Qualifications: Experience in ethical hacking and relevant certifications like OSCP or GPEN are essential.
- Other info: Opportunity to mentor junior team members and engage with cutting-edge security tools.
The predicted salary is between £43,200 and £72,000 per year.
Company Description
We’re ASOS, the online retailer for fashion lovers all around the world.
We exist to give our customers the confidence to be whoever they want to be, and that goes for our people too. At ASOS, you’re free to be your true self without judgement, and channel your creativity into a platform used by millions.
But how are we showing up? We’re proud members of Inclusive Companies, are Disability Confident Committed and have signed the Business in the Community Race at Work Charter, and we placed 8th in the Inclusive Top 50 Companies Employer list.
Everyone needs some help showing up as their best self. Let our Talent team know if you need any adjustments throughout the process in whatever way works best for you.
Job Description
The Details
ASOS is recruiting for an Offensive Security Specialist within the SOC. This role will report into the SOC and IR Manager. This role will be key to leading offensive security assessments that strengthen defence capabilities for ASOS. Working closely with the cyber teams, you’ll identify security weaknesses, validate detection mechanisms, and provide actionable recommendations to enhance our security posture. You’ll contribute to the SOC team’s continuous validation and improvement in security controls and detection capabilities.
The role will involve the following:
- Penetration Testing – Simulating real-world attacks to test the effectiveness of security controls and identify weaknesses.
- Red Teaming – Engaging in adversarial simulations to assess the organisation’s overall security posture and identify areas for improvement.
- Collaboration with Defensive Teams – Working closely with defensive security teams to share insights, improve detection capabilities, and enhance incident response processes.
- Developing Offensive Security Strategies – Designing and implementing strategies to proactively identify and mitigate security risks.
- Contribute to processes and SOPs.
- Developing and mentoring junior team members to improve their skills and capabilities, along with wider knowledge transfer to other security and non-security teams to help build a culture of cyber security in departments.
- Maintain awareness of real-world cyber security threats and engage in the innovation of new analytic methods for proactively detecting threats.
Qualifications
About You
- Practical experience in ethical hacking, penetration testing, and red team, blue team methodologies
- Relevant industry certifications like GPEN, OSCP, OSCE, CRTO, CRTP, PNPT, and experience working with frameworks like MITRE ATT&CK/D3FEND
- Familiar with industry-recognized frameworks for threat simulation and defence
- Able to communicate technical findings and remediation strategies clearly to both technical and non-technical audiences
- Skilled in producing accurate and well-structured reports and presentations
- Strong problem-solving and analytical skills, with a proactive and collaborative mindset
- Effective interpersonal skills, with the ability to build relationships and influence stakeholders
- Comfortable working with modern security tools and enterprise environments
- Committed to continuous learning and passionate about mentoring and developing others
Additional Information
BeneFITS’
- Employee discount (hello ASOS discount!)
- ASOS Develops (personal development opportunities across the business)
- Employee sample sales
- Access to a huge range of LinkedIn learning materials
- 25 days paid annual leave + an extra celebration day for a special moment
- Discretionary bonus scheme
- Private medical care scheme
Offensive Security Specialist employer: ASOS
Contact Detail:
ASOS Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Offensive Security Specialist
✨Tip Number 1
Familiarise yourself with the latest trends in offensive security and penetration testing. Follow industry leaders on social media, join relevant forums, and participate in discussions to stay updated. This knowledge will not only help you during interviews but also demonstrate your passion for the field.
✨Tip Number 2
Network with professionals already working in offensive security roles. Attend cybersecurity conferences, webinars, or local meetups to connect with others in the industry. Building relationships can lead to valuable insights and potential referrals for the position at ASOS.
✨Tip Number 3
Engage in practical exercises and challenges related to penetration testing and red teaming. Platforms like Hack The Box or TryHackMe offer hands-on experience that can enhance your skills and provide real-world scenarios to discuss during interviews.
✨Tip Number 4
Prepare to articulate your previous experiences clearly, especially how you've contributed to improving security postures in past roles. Be ready to share specific examples of your work in ethical hacking and collaboration with defensive teams, as this will showcase your fit for the role at ASOS.
We think you need these skills to ace Offensive Security Specialist
Some tips for your application 🫡
Tailor Your CV: Make sure your CV highlights relevant experience in ethical hacking, penetration testing, and red teaming. Use specific examples that demonstrate your skills and achievements in these areas.
Craft a Compelling Cover Letter: Write a cover letter that showcases your passion for offensive security and your understanding of ASOS's mission. Mention how your skills align with the role and how you can contribute to their security posture.
Highlight Certifications: Clearly list any relevant industry certifications such as GPEN, OSCP, or CRTO in your application. These credentials are crucial for demonstrating your expertise in the field.
Showcase Communication Skills: In your application, emphasise your ability to communicate technical findings to both technical and non-technical audiences. Provide examples of how you've done this in previous roles.
How to prepare for a job interview at ASOS
✨Showcase Your Technical Skills
Be prepared to discuss your practical experience in ethical hacking and penetration testing. Highlight specific projects or scenarios where you've successfully identified security weaknesses and how you approached them.
✨Understand ASOS's Security Landscape
Research ASOS's current security posture and any recent news related to their cybersecurity efforts. This will help you tailor your responses and demonstrate your genuine interest in the company and its challenges.
✨Communicate Clearly
Practice explaining complex technical concepts in simple terms. Since you'll need to communicate findings to both technical and non-technical audiences, being able to articulate your thoughts clearly is crucial.
✨Emphasise Collaboration
Highlight your experience working with defensive teams and your ability to build relationships. Discuss how you can contribute to a culture of cybersecurity within ASOS and mentor junior team members effectively.