We’re here to unite the conditioning community. We believe that putting the sweat in today prepares us for tomorrow. So, we give people the tools they need to reach further, go faster, be stronger. We celebrate those who show up – for themselves – to be their physical or mental best, whatever that means for them. It’s what we want for our community, and our team. A team that’s growing rapidly around the world. A collective of talented individuals working together to invent Gymshark’s future. Our plans are ambitious, and we’re looking for people who want to join us for the ride – our growth will be your growth.
As Gymshark’s Security Incident Response/Threat Hunter, you will be responsible for managing incidents escalated from the SOC or through proactive threat hunting, identifying, assessing, and reporting on possible threats that could impact Gymshark’s systems.
We have an ambitious strategy that will transform Gymshark’s Incident Response and Threat & Vulnerability capability. Therefore, this role will work closely with the program workstreams to support the delivery of tangible risk-reduction outcomes for Gymshark.
Are you our next Security Incident Response/Threat Hunter? Here’s the role up close:
- Act as Incident Response leader providing clear communications to stakeholders.
- Perform root cause analysis to identify gaps and provide recommendations that will reduce Gymshark’s exposure to cyber-risks.
- Collaborate with technical and non-technical stakeholders to develop and agree on effective mitigation plans for incident resolution.
- Stay current with the critical threats to our in-house and Cloud-based IT solutions by continually analysing cyber threat intelligence sources.
- Support the delivery of global SIEM logging and analysis to identify breaches or malicious activity on network or cloud infrastructure, both internal and customer-facing.
- Identify technical and procedural enhancements and opportunities to continuously improve the capability of the Incident Response and Threat Hunting function.
- Produce executive level reporting, documenting incident outcomes and threat hunt discoveries.
- Ability to work with internal staff & third parties to define and deliver risk reduction strategies.
- Excellent communication skills with the ability to explain technical security incidents and discovered threats.
- Work closely with the SOC to develop use-cases and improve the overall efficiency of the Cyber Threat Hunting processes.
- Use incident data and threat analytics to measure the effectiveness of tools and policies to help understand the landscape for further improvement.
- Provide subject matter expertise on cyber threats to support current analytic operations and initiatives.
- Incorporate the relevant intelligence provided by both internal teams and external stakeholders to assist the Security architecture and Security Monitoring functions to deliver enhanced proactive and reactive operations to mitigate against current and emerging threats.
- Researching new and existing threat actors and associated tactics, techniques, and procedures (TTPs) and their impact to the business.
- Utilise tools and analysis to identify breaches or near misses on the network, client machines, or cloud infrastructure.
- Benchmark Gymshark against key compliance legislation and global security standards.
Knowledge & Opportunity
- Hands-on experience in analysing and responding to incidents
- Experience in managing stakeholders in critical situations to ensure effective resolution during incidents.
- Experience working in a SOC; preferably managing a team
- Act as a Subject Matter Expert (SME) in all matters related to Incident Response and Threat Hunting.
- Attend relevant 3rd party events & Webinars to further knowledge/skills/contacts within the industry.
- Experience within a Cyber Security Team or equivalent
- Knowledge of OWASP Top 10, Cyber Kill Chain, MITRE ATT&CK framework, and Penetration Testing.
- Experience working in a SOC; preferably leading on incident response.
- General knowledge of current and emerging security technologies; strong information security knowledge including web, network, and endpoint protocols
- Operational knowledge of SIEM, firewalls, intrusion detection and vulnerability management systems
- High level of organisational skills
- Work collaboratively with local and International Technical and Non-Technical teams to align on global projects and joint tasks.
- Providing support for Gymshark security Identity Systems in the event of emergencies – occasionally out of hours if urgent
- Ability to work collaboratively with other team members to deliver immediate tasks.
- Commercial Awareness and a creative problem solver with the ability to think laterally and understand the cost and value drivers within a competitive business environment.
Here are some of the perks we offer:
🙌 Opportunity to work on high traffic, high performing e-commerce systems
🤑 Competitive ‘Win Together, Lose Together’ Bonus
🩺 Full private medical insurance with no excess
🏖 25 days holidays + your birthday and all the Bank Holidays which can be substituted and taken whenever you want.
💻 A truly flexible working culture (role needs someone to come to HQ at least twice a week but not every day).
👥 A collaborative, creative and inspiring working environment
💰 Employer pension contributions up to 7%
🤩 Life Assurance at four times your basic salary
🦈 50% Gymshark Discount & Gymshark Gift Card for each year of service
🥇 Financial, Physical and Mental Wellbeing Support
📚 Great training and learning resources & 10% time for personal development
🖥 Choice of hardware and access to the best software
🤒 Paid time off when you’re physically and mentally unwell
🧸 Very Generous Family Leave package – we support you extending your family
GS Campus Perks:
🍎 Refuel – Healthy fresh food at GSHQ
🏋️ Free Lifting Club (LC) Gym Membership for yourself and two friends/family
👉 Free monthly massages
💈 Beauty and Barber facilities
🚘 Free on-site parking