Offensive Security Specialist

ASOS is recruiting for an Offensive Security Specialist within the SOC. This role will report into the SOC and IR Manager. This role will be key to leading offensive security assessments that strengthens defence capabilities for ASOS. Working closely with the cyber teams you'll identify security weaknesses, validate detection mechanisms, and provide actionable recommendations to enhance our security posture. You'll will contribute to the SOC team’s continuous validation and improvement in security controls and detection capabilities.

 The role will involve the following

• Penetration Testing - Simulating real-world attacks to test the effectiveness of security controls and identify weaknesses.
• Red Teaming - Engaging in adversarial simulations to assess the organisation's overall security posture and identify areas for improvement.
• Collaboration with Defensive Teams - Working closely with defensive security teams to share insights, improve detection capabilities, and enhance incident response processes.
• Developing Offensive Security Strategies - Designing and implementing strategies to proactively identify and mitigate security risks.
• Contribute to processes and SOPS.
• Developing and mentoring junior team members to improve their skills and capabilities, along with wider knowledge transfer to other security and non-security teams to help build a culture of cyber security in departments.
• Maintain awareness of real-world cyber security threats and engage in the innovation of new analytic methods for proactively detecting threats.

About You

• Practical experience in ethical hacking, penetration testing, and red team, blue team methodologies
• Relevant industry certifications like GPEN, OSCP, OSCE, CRTO, CRTP, PNPT, and experience working with frameworks like MITRE ATT&CK/D3FEND)
• Familiar with industry-recognized frameworks for threat simulation and defence
• Able to communicate technical findings and remediation strategies clearly to both technical and non-technical audiences
• Skilled in producing accurate and well-structured reports and presentations
• Strong problem-solving and analytical skills, with a proactive and collaborative mindset
• Effective interpersonal skills, with the ability to build relationships and influence stakeholders
• Comfortable working with modern security tools and enterprise environments
• Committed to continuous learning and passionate about mentoring and developing others