An exciting opportunity has arisen for a Senior Security GRC Specialist to join the ASOS Governance Risk and Compliance (GRC) team in Cyber Security.
Reporting to the Security Governance, Risk and Compliance Manager, this role will assist in the development, enhancement and execution of ASOSs information security risk and compliance function. This will include activities such as helping to maintain our compliance with the Payment Card Industry Data Security Standard (PCI DSS), maintenance of our security policies and standards, and managing third-party supplier risk. The role will also provide subject matter expert knowledge and support on security risk management. Were passionate about protecting our colleagues and the ASOS brand, so we would love someone who can thrive and develop in an ever growing and changing security landscape.
You will need to operate at several different levels: from being a team player in the GRC team, working alongside the wider Security team and helping other colleagues in all ASOS business areas with their risk and compliance requirements.
Key Responsibilities
Responsibilities include, although not limited to:
Management and maintenance of ASOS compliance projects, including co-ordination of audit activities
Assist in maintaining the CISOs security risk registers and conduct security risk assessments/risk workshops as required
Management and support for the security assessment of third-party suppliers using the ASOS third-party risk management platform
Management and tracking of corrective action plans for security audit findings, standards exceptions and control deficiencies
Supporting other Security teams and ASOS business areas with their risk and compliance requirements
Authorship and maintenance of ASOS security policies and standards
What Success Looks Like
Being an integral member of the GRC team to support the smooth running of GRC activities
Building effective relationships across ASOS business areas
Providing mentorship and guidance to junior GRC team members
/01 Company Description
We're ASOS. We blend our flair for fashion with our love of cutting-edge technology, but more importantly were interested in how we can bring the best out of you.
We exist to give people the confidence to be whoever they want to be, and that goes for our people too. At ASOS, you're free to be your true self without judgment, and channel your creativity into a platform used by millions.
Through ourFashion with Integrity strategywe are driving diversity, equity and inclusion across every aspect of ASOS and ensuring every ASOSer can be their authentic self at work. We want our people to be whoever they want to be, because we believe people who bring their best selves to work, do their best work.
/02 Job Qualifications
The successful candidate will demonstrate competency in security by having either the relevant work experience, completed a degree or obtained industry relevant certifications (e.g. CISSP, CISM, CISA, CRISC)
Experience in industry standards and frameworks, such as ISO 27001, PCI DSS and NIST CSF
Good knowledge of applicable data privacy practices and laws (e.g. DPA, GDPR)
Broad knowledge around network technologies (especially cloud) and technical security
Excellent organisational skills to plan and manage multiple projects across the business
Analytical, problem solving and detail-oriented, with a proven ability to multi-task conflicting priorities
Strong communication and presentation skills and ability to influence at all levels of an organisation
/03 Additional Info
BeneFITS
Employee discount (hello ASOS discount!)
ASOS Develops (personal development opportunities across the business)
Employee sample sales
Access to a huge range of LinkedIn learning materials
25 days paid annual leave + an extra celebration day for a special moment
Discretionary bonus scheme
Private medical care scheme
Flexible benefits allowance - which you can choose to take as extra cash, or use towards other benefits
what our people say
what our people say
what our people say
what our people say
what our people say
what our people say
what our people say
what our people say
what our people say
what our people say
what our people say
what our people say
what our people say
what our people say
what our people say
what our people say
Meet The Team
Meet Zijiao Li -
Tech @ ASOS
Meet Amy Richardson -
Tech @ ASOS
Meet Si Jobling -
Tech @ ASOS
I love working at ASOS in my team because of the great atmosphere. From day one I already felt like being part of the team, everyone is so friendly, approachable and willing to help. It’s the place where you feel trusted and are given the opportunities & time to explore your full potential. As someone who just relocated to London, I also appreciate the international and cultural diverse environment – it’s ok to be whoever you want to be!
As a software engineer with a love for fashion, I feel extremely lucky to be part of a fashion company that priorities technology, innovation and customer experience to the same degree as their clothing.
As someone who left ASOS after 7 years but came back, it speaks volumes how much I love working at ASOS. The obvious reason is the people, not just in Tech but beyond. There's an unspoken respect and authenticity between everyone who works here
Zijiao Li
Tech @ ASOS
I love working at ASOS in my team because of the great atmosphere. From day one I already felt like being part of the team, everyone is so friendly, approachable and willing to help. It’s the place where you feel trusted and are given the opportunities & time to explore your full potential. As someone who just relocated to London, I also appreciate the international and cultural diverse environment – it’s ok to be whoever you want to be!
Amy Richardson
Tech @ ASOS
As a software engineer with a love for fashion, I feel extremely lucky to be part of a fashion company that priorities technology, innovation and customer experience to the same degree as their clothing.
Si Jobling
Tech @ ASOS
As someone who left ASOS after 7 years but came back, it speaks volumes how much I love working at ASOS. The obvious reason is the people, not just in Tech but beyond. There's an unspoken respect and authenticity between everyone who works here
our business values
our business values
our business values
our business values
our business values
our business values
our business values
our business values
our business values
our business values
our business values
our business values
our business values
our business values
our business values
our business values
loading
We are Customer First
We couldn’t be ASOS without our customers.
Across every behaviour, value, and all that we do, we see everything through our customers’ eyes. That means never taking anything for granted and always zeroing in on every single detail. So we can always bring our best as a team, and our customers can have an amazing experience, every time.
We are Authentic
We work together to be honest, transparent, and our full authentic selves.
This is our ASOS. Our culture, built on collaboration and togetherness, and supported by what’s real and honest. We know that we win bigger when we win as a diverse team. That means celebrating our differences and using them to help us stand out from the crowd, without losing our authenticity and individuality.
We are Brave
We challenge each other to aim high and reach our potential.
Doing nothing gets us nowhere. We may be proud of everything we’ve done so far, but there’s still so much more to explore. We believe we can always be wiser, faster, stronger, bigger, braver, kinder…so asking ‘why’ isn’t just a question, it’s a necessity. We use our voice to drive us forward, speaking up on the things our people and customers care about and using our curiosity to create possibility.
We are Creative
We know innovation leads to inspiration – it’s what makes us stronger
Change is in our DNA. By acting fast and staying one step ahead of the curve, we can be a leader, not a follower. But for our products and platform to be innovative, they have to be fuelled by creative passion and a deep understanding of our customers and our people.
We always Deliver
We couldn’t be excellent without evidence – so whatever we’re doing, we have proof of why we’re doing it.
It takes facts and data to tell our stories and help us make our decisions in the most effective way possible. This means we can do what we say and own what we do, no matter how long it takes us to do it. We aren’t about nonsense ifs, buts and maybes, we’re about creating an ASOS that’s built for future success on delivered success.
Our Benefits
Location
Our HQ in London
Our HQ in Camden was once a cigarette factory – now, the iconic Art Deco building has been completely renovated with spacious office areas, ASOS Studios (where we shoot all our products), beauty rooms and a free gym. There’s also a subsidised canteen and café.