18 Oct
ASOS
London
Job Description
This role reports to the Head of Security Operations.
The Role:
As an experienced SOC and Incident Response Manager at ASOS, you will lead our cyber security incident response efforts and ensure effective and efficient resolution of security incidents, while maintaining our vital relationship with our external SOC. The ideal candidate will have a strong technical background in cybersecurity, a proven track record of managing incident response teams, excellent vendor stakeholder management skills and possess exceptional leadership, communication, and problem-solving skills.
The role will interface between the wider technology teams and our cyber security team, including our third-party partners,
ensuring a consistent response to all cyber security incidents.
Responsibilities:
- Manage and lead the incident response team, ensuring effective operations and high morale within the team.
- Oversee the identification, response, investigation, and resolution of security incidents within SLA’s
- Establish and maintain incident response processes, procedures, and documentation, ensuring they align with industry best practices.
- Liaise with our 3rd Party Security Operations Centre, to ensure effective service and handover of incidents between teams
- Conduct regular incident response training and drills to enhance team readiness and improve response times.
- Ability to perform and speak around log analysis and log integration into the SIEM.
- Define incident response metrics, dashboards and track and report on key performance indicators (KPIs) to senior management, suggesting improvements as needed.
- Delegate unassigned newly submitted tickets to analysts keeping in mind current workloads and availability.
- Lead incident post-mortem analysis to identify root causes, lessons learned, and recommend measures for prevention or improvement.
- Establish and maintain a database of detected and reported information security incidents.
- Conduct periodic threat simulation activities to evaluate the adequacy of deployed detective controls.