Security Analyst AUS

7 days ago


Brisbane, Queensland, Australia Cubic Corporation Full time $80,000 - $120,000 per year

Business Unit:
Cubic Transportation Systems

Company Details:
When you join Cubic, you become part of a company that creates and delivers technology solutions in transportation to make people's lives easier by simplifying their daily journeys, and defense capabilities to help promote mission success and safety for those who serve their nation. Led by our talented teams around the world, Cubic is committed to solving global issues through innovation and service to our customers and partners.

We have a top-tier portfolio of businesses, including Cubic Transportation Systems (CTS) and Cubic Defense (CD). Explore more on

Job Details:
Cubic Transportation Systems (CTS) is a global leader in intelligent transportation solutions, specializing in technologies that make public transit more efficient, accessible, and user-friendly. A significant feature is providing Fare and Payment card services to government and municipal customers across the globe.

Job Summary:
As a member of the Cubic Information Security Team, you will be responsible for supporting efforts to monitor security for Cubic systems and assist in the analysis and response to incidents. The successful candidate must be proficient at security monitoring using Tenable, Crowd Strike, Splunk, and Imperva and other security tools. Work will be on Windows and Linux assets in cloud or data centers. Analysts will be responsible for IT security tools and processes to manage and report operational security risks to operations teams for remediation. The analyst must have an intimate awareness of PCI security compliance expectations. The candidate will be a partner to support external audits to facilitate PCI-DSS, ISO 27001, and SOC compliance/audit efforts. Scanning operations will involve routine daily or weekly operations as well as support for pen testing or audit efforts. Findings must be risk rated and effectively escalated for remediation. Will be recognised internally as a subject matter expert. Works autonomously, able to assess and drive work priorities, with limited support or guidance needed.

Responsibilities
Essential Job Duties
and Responsibilities
Security Monitoring Configuration

  • Design and implement security monitoring solutions using SIEM, EDR, NDR, CSPM, and cloud-native tools (e.g. Azure Cloud Defender, AWS Security Hub, Guard Duty, Inspector, and Cloud Watch).
  • Integrate log sources from on-prem systems (firewalls, servers, endpoints, network devices) and cloud platforms (IaaS, PaaS, SaaS) into centralized monitoring systems.
  • Develop and tune detection rules and correlation logic to identify suspicious behavior, policy violations, and potential threats.
  • Tune detection rules to reduce false positives and improve signal-to-noise ratio.
  • Maintain visibility across hybrid environments by ensuring telemetry coverage and log integrity.

Threat Detection and Analysis

  • Monitor alerts and logs for indicators of compromise (IOCs) and suspicious activity.
  • Correlate events across multiple sources to identify potential threats.
  • Perform triage and initial investigation of alerts to determine severity, scope, and potential impact.
  • Use threat intelligence feeds to enrich alerts and prioritize response.

Incident Escalation and Coordination

  • Document and escalate validated security incidents to the appropriate operations or incident response teams.
  • Provide detailed context, including affected systems, users, and potential impact.
  • Collaborate with operations staff to ensure timely containment, eradication, and recovery.
  • Track and report on escalated incidents, including root cause analysis and remediation status.

Continuous Improvement

  • Review and refine detection logic based on incident post-mortems, false positives, emerging threats, and operational feedback.
  • Participate in threat hunting and proactive analysis to identify gaps in monitoring coverage.
  • Recommend and implement automation for alert triage and response workflows.
  • Contribute to playbooks and standard operating procedures for alert handling and escalation.
  • Stay current with emerging threats, vulnerabilities, and security technologies.

Compliance and Reporting

  • Ensure monitoring configurations support regulatory and policy requirements (e.g., PCI, ISO 27001, GDPR, CIS, etc).
  • Generate reports on security posture, alert trends, and incident metrics for leadership and governance teams.
  • Assist with audits and provide evidence of monitoring controls and incident handling.

General Duties and Responsibilities:

  • Reliably demonstrate accountability for work assignments and proactive communications about issues and status. A strong history of proactively identifying effective solutions for challenges.
  • Able to work effectively and uphold professional standards, with the customer and system stakeholders.
  • Self-motivated and able to work unsupervised
  • Methodical and Attentive to detail
  • Proactive in seeking advice from security subject matter experts when required
  • Comfortable working with staff at all levels and in other geographical locations within the organization
  • Comply with Cubic's Quality Management System
  • Comply with Cubic's quality, health, safety, and security policies.
  • Support the company's strategic objectives and collaborate across departments.
  • Comply with Cubic Human Resources Procedures

Skills/Experience/Knowledge
Essential:

  • Familiarity with PCI DSS 4, ISO , and/or SOC I/II requirements and audits.
  • Experience installing, configuring and supporting Tenable, Crowd Strike, Splunk, and Imperva in Windows and Linux environments
  • Experience performing monitoring in Azure and AWS cloud environments, as well as in data centers.
  • In depth understanding and experience in network security. Strong preference for someone who has had experience working as a network security admin and/or cloud or systems security admin.
  • Expert level experience collaborating with stakeholders and solution providers in a cross functional and matrixed IT organization. Able to adapt style efforts to persuade in delivering messages that relate to the wider business. Is frequently called on to advise others on complex matters and may be accountable through team for delivery of business targets.
  • Exhibits advanced wide- ranging experience, using in- depth professional knowledge, acumen, concepts and company objectives to develop, resolve complex models and procedures. Provides solutions to issues in creative and effective ways. Understands the interrelationships of different disciplines. Directs the application of existing principles and guides development of new policies and ideas.
  • Understands and works on complex issues where analysis of situations or data requires an in-depth evaluation of variable factors. Determines methods and procedures on new assignments. Exercises judgment in selecting methods, evaluating, adapting complex techniques and evaluation criteria for obtaining results.
  • This position typically works under limited supervision and direction. Candidates for this position will regularly exercise discretionary and substantial decision-making authority.

Desirable:

  • Deep understanding of security risks and threats as they relate to the company's operating environments.

Qualifications
Essential:

  • Minimum 8 years' experience in services or IT systems in a mission critical setting.
  • University degree in Computer Science, Engineering, or other technical fields, or Business Administration with relevant IT work experience.
  • At least 5 years' experience working in IT security and/or Payment Card processing systems. Strong understanding of technical concepts, as well as demonstrated ability to understand complex internally developed systems.
  • The candidate must reside within commuting distance from CTS offices in Brisbane QLD, Sydney NSW or Wellington NZ, and be able to periodically travel within the region.

Desirable

  • Certification as an Information Security professional (e.g. ISACA CISA/CISM/CRISC, ISC(2) CISSP, BCS CISMP/IISP)
  • Payment Card Industry Security Standards Council certification (ISA/ QSA)

Condition of Employment:
Successful outcome of a National Police Check

The description provided above is not intended to be an exhaustive list of all job duties, responsibilities and requirements. Duties, responsibilities and requirements may change over time and according to business need.
Worker Type:
Employee


  • Security Analyst

    3 weeks ago


    Brisbane, Queensland, Australia Talent Full time

    Join to apply for the Security Analyst role at Talent1 day ago Be among the first 25 applicantsJoin to apply for the Security Analyst role at TalentWe're seeking a Senior Cyber Security Analyst to join a key government cyber defence team supporting state-wide initiatives in cyber threat detection, incident response, and the uplift of security operations....

  • Security Analyst

    3 weeks ago


    Brisbane, Queensland, Australia Talent Full time

    Join to apply for the Security Analyst role at Talent1 day ago Be among the first 25 applicantsJoin to apply for the Security Analyst role at TalentWe're seeking a Senior Cyber Security Analyst to join a key government cyber defence team supporting state-wide initiatives in cyber threat detection, incident response, and the uplift of security operations....


  • Brisbane, Queensland, Australia The Lottery Corporation Full time

    Join to apply for the Junior Security Analyst role at The Lottery CorporationJoin to apply for the Junior Security Analyst role at The Lottery CorporationCould this be one of those rare moments to do the best work of your career?The Lottery Corporation is Australia's largest lottery company offering exciting games that deliver life-changing wins to customers...

  • Security Analyst

    3 weeks ago


    Brisbane, Queensland, Australia Dedalus Full time

    Join to apply for the Security Analyst role at DedalusJoin to apply for the Security Analyst role at DedalusAnd do you want to make healthcare safer, better and more reliable?Join our TeamJoin us as a Security Analyst at Dedalus, one of the World's leading healthcare technology companies, on our CTO Team in Australia to do the best work of your career and...


  • Brisbane, Queensland, Australia Ashurst Full time

    Join to apply for the Senior Cyber Security Analyst role at AshurstThe OpportunityWe currently have an exciting opportunity for a Senior Cyber Security Analyst to join our global team in Brisbane or Sydney on a full-time permanent basis.The Senior Cyber Security Analyst is responsible for implementation and maintenance of advanced security controls,...


  • Brisbane, Queensland, Australia Ashurst Full time

    Join to apply for the Senior Cyber Security Analyst role at AshurstThe OpportunityWe currently have an exciting opportunity for a Senior Cyber Security Analyst to join our global team in Brisbane or Sydney on a full-time permanent basis.The Senior Cyber Security Analyst is responsible for implementation and maintenance of advanced security controls,...

  • ICT Security Analyst

    2 weeks ago


    Brisbane, Queensland, Australia Paxus - Technology + Digital Talent Full time

    ICT Accreditation Security AnalystJoin a high impact team working on Defence focused ICT security initiatives. We are looking for multiple Security Analysts experienced in ICT accreditation, system security plans, and cybersecurity frameworks to support a major platform in Brisbane, QLD.KEY RESPONSIBILITIES:Assess and implement ICT Security Accreditation...


  • Brisbane, Queensland, Australia RightSec Full time

    OverviewThis is a full-time on-site role for a Security Operations Center (SOC) Analyst.We are seeking a talented SOC Analyst to join our dynamic security team.If you are passionate about cybersecurity, enjoy analysing complex threats, and have experience in Security Operations Centers, we want to hear from you.As a SOC Analyst, you will play a critical role...


  • Brisbane, Queensland, Australia RightSec Full time

    Overview This is a full-time on-site role for a Security Operations Center (SOC) Analyst. We are seeking a talented SOC Analyst to join our dynamic security team. If you are passionate about cybersecurity, enjoy analysing complex threats, and have experience in Security Operations Centers, we want to hear from you. As a SOC Analyst, you will play a...


  • Brisbane, Queensland, Australia RightSec Full time

    OverviewThis is a full-time on-site role for a Security Operations Center (SOC) Analyst. We are seeking a talented SOC Analyst to join our dynamic security team. If you are passionate about cybersecurity, enjoy analysing complex threats, and have experience in Security Operations Centers, we want to hear from you. As a SOC Analyst, you will play a critical...