Information Security Manager

Business Unit:
Cubic Transportation Systems

Company Details:
When you join Cubic, you become part of a company that creates and delivers technology solutions in transportation to make people’s lives easier by simplifying their daily journeys, and defense capabilities to help promote mission success and safety for those who serve their nation. Led by our talented teams around the world, Cubic is committed to solving global issues through innovation and service to our customers and partners.

Job Details:
Job Summary:

- The APAC Information Security Manager plays a pivotal role in safeguarding our commercial transportation programs across the Asia-Pacific region. Reporting directly to the Chief Information Security Officer (CISO), this individual is responsible for the strategic oversight of security and compliance initiatives. As a Global Process Owner (GPO) for Cyber Governance, Risk, and Compliance (GRC), this role demands close collaboration with internal and external stakeholders, offering an opportunity to shape our cybersecurity landscape significantly.

Essential Job Duties and Responsibilities:

- Security Governance: Ensure all technical implementations across the region adhere to our rigorous operational security standards.
- Stakeholder Management: Act as the senior security representative to the regional senior management team, customers, and partners, including leading security forums and communications.
- Compliance and Standards: Oversee compliance with international and regional standards, including ISO 27001, PCI-DSS, SOC 1/2, and NZ ISM, ensuring our programs align with contractual and regulatory obligations.
- Risk Management: Lead our vulnerability management program and ensure completion of comprehensive risk assessments, enhancing our resilience against cyber threats.
- Awareness and Training: Elevate security awareness within the company, fostering a culture of cybersecurity.
- Strategic Initiatives: Contribute to global security strategies and support business development with security expertise for regional bids.
- Vendor Management: Ensure third-party compliance with our security requirements, safeguarding our supply chain.
- Reporting and Policy Development: Provide detailed GRC reports to the CISO and maintain our Information Security Management System (ISMS) policies, standards, and procedures.
- Manage a regional information security team comprised of associates, security analysts, security architects.
- Responsible for all aspects of hiring and managing a regional team to support the APAC program needs.

General Duties and Responsibilities:

- Uphold Cubic's quality, health, safety, and security policies.
- Engage in continuous learning and professional development.
- Support the company's strategic objectives and collaborate across departments.

Minimum Job Requirements:

- Qualifications:

- Essential: University degree or equivalent; significant experience in a similar role.
- Desirable: Advanced degree in a technical field; professional certifications (IISP, CISA, CISM, CISSP, ISA).
- Skills/Experience/Knowledge:

- Extensive knowledge of PCI-DSS, ISO-27001, and cloud security practices.
- Minimum of 8 years in cybersecurity, with a focus on GRC.
- Proven ability to manage customer relationships and engage with stakeholders across various levels.
- Personal Qualities:

- Strong leadership and communication skills.
- Detail-oriented, proactive, and capable of rapidly adapting to new challenges.
- Ability to work independently and as part of a global team.
- Condition of Employment:

- Must pass a National Police Check.
- The description provided above is not intended to be an exhaustive list of all job duties, responsibilities and requirements. Duties, responsibilities and requirements may change over time and according to business need._

Worker Type:
Employee