ASOS is one of the UK’s top fashion and beauty destinations, expanding globally at a rapid pace. With 87,000 product lines across Womenswear, Menswear, Footwear, Accessories, Jewellery and Beauty, we’re setting the pace in a worldwide fashion revolution. With around 4,000 new product lines being introduced each week, we’re ambitious and we know our stuff. We ship to 237 countries and also have specific sites targeting the USA, France, Germany, Italy, Australia and Russia, with offices in the UK, Australia, USA, France and Germany.  

Technology is at the heart of supporting business growth at ASOS, through delivering incredible platforms and solutions by our award-winning team. At the centre of this is the technical innovation needed to stay ahead of our 20-something market, the cloud-based architecture to support our global reach and the agile engineering methods to deliver value fast. 

A bit about the person: 

As a Payments Security Architect, you will play a critical role in helping the organisation achieve the goal of becoming a truly global retailer and supporting the growth of our payment .  

The role is focused on the Security Architecture domain, performing a solution architecture role in both the cloud and on-prem security space, as well as liaising with the architect community and other senior IT and Business stakeholders to guide them in security related architectural and strategic matters. 

This role is a technical role and could be a good fit for a solution or cloud architect with a focus on payments services, looking to specialise in security or an engineer or analyst delivering security looking to move into security architecture. The perfect candidate will have a passion for bleeding edge technology and security and be motivated to develop security capabilities and solutions at scale and pace. 

The Role: 

This is a highly collaborative and technical role, where you will be expected to be in the details and occasionally get hands on. You will need to operate at several different levels: from working with architects and engineers to working very closely with the Cyber Security, payments and contributing to the Security Architecture Governance activities.  

The role will support development and delivery of the overall security architecture (and overseeing alignment to it) as well as identifying supplementary security capabilities that are needed to reach our business goals. As well as being a Security Solution Architect able to work at the high level and deep in the detail, you will need to know how to support business cases, develop benefit profiles and put forward compelling propositions etc. 

The position will also contribute to the dissemination of relevant knowledge among the enterprise architecture, IT and Business stakeholders and drive the evolution of the security architecture methodologies and practices in ASOS. 

Although it is vitally important that you must be an independent self-starter, able to work autonomously to successfully achieve your goals, you must also work collaboratively with the others and ensure that your strategy and designs, aligns with the security roadmap and delivers effective security solutions.  

Accountabilities and Responsibilities: 
 

Leveraging knowledge and expertise across ASOS, this position is accountable for: 

• Analyse and design security solutions for applications and infrastructure 
• Provide consulting and assistance to wider architects, incorporating good security design and practices 
• Design and deliver Azure security capabilities for both Cyber Security and across ASOS technology  
• Engage stakeholders and sponsors to capture requirements and develop technical solutions 
• Define and maintain design patterns, technology preferences, skills competencies as it relates to the security domain etc. 
• Conduct research on emerging security technologies and provide insight, recommendations and rationale etc. 
   

To achieve this, you will need to: 

• Build and maintain key relationships in across the technology landscape. 
• Develop, maintain and promote the adoption of a security architecture. 
• Collaborate effectively within the Enterprise / Principal Architects, Application Security Engineers and Cyber Security. 
• Prioritise security activities and support on the most appropriate and pragmatic vehicles for implementation (e.g. tactical via BAU vs building into strategic programmes). 
• Provide tactical guidance, along with integration and migration support throughout security deployment initiatives. 
• Create and maintain a broad range of security aligned architectural artefacts  
• Security Patterns 
• Solution Design 

What Success Looks Like: 

In order to gain traction as a Security Solution Architect at ASOS you must be flexible and pragmatic. This may include being able to work outside your normal mode, perhaps outside your comfort zone. The ability to adapt is critical, the organization does not stand still and as such you will need to change your style and approach as and when the need arises. The ultimate aim of this role is to facilitate and promote changes within ASOS the way in which you do this will depend on the context of the situation. 

What we are looking for: 
 

Experience 

• Previous experience in designing security solutions 
• Demonstrable experience in implementing security solutions through to operation, preferred 
• Track record of delivering tangible security benefit within a solution architecture, security engineering or security analyst role 
• Demonstrable experience of securing public cloud-based architectures  
• Experience with designing or delivering within a PCI environment
• Experience with designing or delivering alternative payment provider solutions

Key Technology 

• Experience with Container technologies (Docker, Kubernetes) preferred 
• Azure systems infrastructure experience with deep domain expertise in: Windows and/or Linux OS, networking, storage 
• App Service including Logic Apps, Azure Functions, or equivalent considered 
• Azure Security Center, Azure Sentinel, Log Analytics, ARM Policies, or equivalent considered 

Skills 

• A proactive, energetic, pragmatic, hardworking individual with strong people and customer relationship skills 
• The candidate should have at least 3-4 years experience in Azure or equivalent cloud solution architecture, engineering or analyst role working in a security capacity  
• Online retail industry specific background would be an asset 
• Experience in working effectively within application security including secure application development (security in SDLC phases) and architecture  
• Good knowledge of the security development lifecycle, understanding of, and the ability to carry out threat modelling 
• Experience with agile development 
• Azure or security certifications are a benefit 
• Sense of urgency - multi-tasking, prioritisation skills and ability to collaborate and work in a fast-paced environment, adapting to rapid change 
• Excellent organisational, analytical, project management, written and oral communication skills 
• Significant influencing, negotiating and problem-solving skills 
• Happy to deal with ambiguity and fluid situations 
• Ability to work effectively with internal and external stakeholders 
• Discreet and confidential where required 

  
  What's in it for you?

  We will give you a competitive salary, bonus scheme, staff discount, sample sales and pension matching but also a fantastic bunch of flexible benefits that focus on your health, wealth & inner self for you and your friends and family.

  We are all equal!

  
  We’re committed to creating an inclusive workforce. We believe in a world where you have the freedom to explore and express yourself without judgement, no matter who you are or where you’re from. Where you value yourself and feel proud of who you are. Where individuality is a source of confidence, because difference makes the world a better place.