Senior Information Security Analyst
5 months ago
Business Unit:
Cubic Transportation Systems
Company Details:
When you join Cubic, you become part of a company that creates and delivers technology solutions in transportation to make people’s lives easier by simplifying their daily journeys, and defense capabilities to help promote mission success and safety for those who serve their nation. Led by our talented teams around the world, Cubic is committed to solving global issues through innovation and service to our customers and partners.
We have a top-tier portfolio of businesses, including Cubic Transportation Systems (CTS) and Cubic Defense (CD). Explore more on Cubic.com.
Job Details:
Manages vendor-supplied penetration tests across Cubic customer programs to meet contractual and project requirements. Maintains current knowledge of malware attacks, and other cyber security threats. Help creates test cases using in-depth technical analysis of risks and typical vulnerabilities. Interprets, executes and documents testing procedures using agreed methods and standards. Records and analyses actions and results. Reviews test results and suggest modified tests if necessary. Provides reports on progress, anomalies, risks and issues associated with the overall project. Reports on system quality and collects metrics on test cases. Provides specialist advice to support others. This position will work under general supervision and guidance.
Essential Job Duties and Responsibilities:
- Manages information security penetration testing for new and existing business applications, IT infrastructure and/ or Company products, and provides advice and guidance on scope of penetration testing to meet relevant technical security controls (e.g. ISO27001 and/or the PCI security standards)
- Ensures penetration tests meet information security requirements
- Ensure that all VM Sec Ops processes are followed and ensure that all Security tools are maintained
- Develop and maintain VM Sec Ops reports and dashboards
- Ability to explain tool sets to auditors and customers alike.
- Expert knowledge of SIEM tools, vulnerability scanners
- Ensures all residual risk is documented for agreement by business service owners.
- May be required to work on other global Cubic sites and data centres
Minimum Job Requirements:
Qualifications
Essential:
- Bachelor’s degree in a relevant subject (e.g. information security, encryption, computer science, maths, engineering) or equivalent qualifications/experience
- Certification as an Information Security professional (e.g. IISP/CISA/CISM/CISSP/CCSP)
Desirable:
- Master’s degree in a relevant subject (e.g. information security, encryption, computer science, maths, engineering)
- Payment Card Industry Security Standards Council certification (ISA/ QSA/ QSA P2PE)
- HMG IA qualifications/ CLAS/ CISPM
- ITIL v4/ Prince2 foundation level/ TOGAF 9 certifications
- Security and IT infrastructure/ networking vendors’ certifications
Skills/Experience/Knowledge
Essential:
- Demonstrable experience in managing penetration tests
- Demonstrable experience supporting PCI-DSS certified solutions
- Experience supporting secure development lifecycles (SDL)
- Good understanding of enterprise-scale security management process and infrastructure
- Detailed knowledge of enterprise IT infrastructure and tools (e.g. Microsoft, Cisco, Oracle Solaris, Linux)
- Superior network infrastructure and protocol knowledge
- Knowledge of cryptographic services, current ciphers and key management systems
- Experience of quality management systems and external audit standards e.g. ISO 9001, ISAE3402
- Able to support an "on-call" out-of-business-hours service on a rotating basis with this responsibility spread across team members
Desirable:
- Demonstrable experience supporting architecture/ compliance programs for information security, audit, risk and compliance standards and legislation e.g. PCI-P2PE, PCI-POI-PTS, ISO 22301, ISO27005, ISO31000, NIST security and risk frameworks, GDPR
- Experience of application security testing tools and DevOps frameworks, e.g. Sonarqube, JIRA, static & dynamic code analysis/ “fuzzing”
- Ability to provide and report key performance indicator metrics demonstrating product and/or security architecture compliance within DevOps and waterfall project methods, product development
- Coding skills within development tools/ environments; Java, Visual Studio, C#
- Experience of transactional revenue, embedded, smartcards and mobile payment systems
- Knowledge / experience of security architecture of major public cloud services e.g. Microsoft Azure, Amazon Web Services, Google Cloud, Cloud Access Service Brokers e.g. Okta
- In depth understanding of information security operations tools, e.g. Tenable.IO, Nessus, Qualys, Splunk, Trend Micro DeepSecurity, Imperva, TripWire, Cisco IPS, McAfee, Barracuda
Personal Qualities
- Must be able to work effectively and uphold professional standards and confidentiality with Cubic internal and external customers as well as staff at all levels of the organisation. The role will also be required to work with security vendors, Cubic suppliers and customers.
- Must be able to travel globally at reasonable notice and be based internationally for assignments for several weeks’ duration
- Strong communication skills and able to rapidly acquire new knowledge and learn on the job
- Self-motivated, able to work on own initiative
Condition of Employment:
Successful outcome of a National Police Check
The description provided above is not intended to be an exhaustive list of all job duties, responsibilities and requirements. Duties, responsibilities and requirements may change over time and according to business need.
Worker Type:
Employee
-
Senior Information Security Analyst
4 weeks ago
Brisbane, Queensland, Australia 2094 Cubic Transportation Systems (Australia) Pty Limited Full timeJob Title: Senior Information Security AnalystCubic Transportation Systems is seeking a highly skilled Senior Information Security Analyst to join our team in Australia. As a key member of our security team, you will be responsible for managing vendor-supplied penetration tests across our customer programs to meet contractual and project requirements.Key...
-
Asd4, 5, 6 Information Security Analyst
2 months ago
Brisbane, Australia Australian Signals Directorate (ASD) Full timeTotal Salary package: $80,743.52 - $110,886.88 incl. 4% Service Allowance (plus 15.4% Super) - Brisbane CBD - QLD,Canberra - ACT **The Role** The duties of an ASD4, 5, 6 Information Security Analyst occupation in ASD include the following (note: not all duties are required to be performed during a 12-month performance cycle): **ASD4 Information Security...
-
Senior Business Information Security Analyst
2 weeks ago
Brisbane, Queensland, Australia Talent International Full timeWe are seeking a highly skilled Business Analyst to join an exciting Information Security Program with a leading QLD-based commercial organisation. The successful candidate will play a pivotal role in analysing and documenting business requirements for ISO 27001 compliance, with the potential to support additional compliance initiatives, including SOC 2.The...
-
Senior Information Security Business Analyst
2 days ago
Brisbane, Queensland, Australia Talent International Full timeInformation Security Business AnalystThe successful candidate will play a pivotal role in analysing and documenting business requirements for ISO 27001 compliance.Key Responsibilities:Analyse and document business requirements for ISO 27001 certification projects.Collaborate with stakeholders to ensure that project objectives align with business...
-
Senior Information Security Business Analyst
3 weeks ago
Brisbane, Queensland, Australia Talent International Full timeWe are seeking a highly skilled Business Analyst to join an exciting Information Security Program with a leading QLD-based commercial organisation. The successful candidate will play a pivotal role in analysing and documenting business requirements for ISO 27001 compliance, with the potential to support additional compliance initiatives, including SOC 2.Key...
-
Senior Cyber Security Analyst
4 weeks ago
Brisbane, Queensland, Australia The Decipher Bureau Full timeJob Title: Senior GRC Security AnalystWe are seeking a highly skilled Senior GRC Security Analyst to join our team at The Decipher Bureau. As a key member of our team, you will play a critical role in implementing and maintaining our Information Security Management System (ISMS) based on ISO 27001, ASD ISM, and PSPF standards.Key Responsibilities:Develop and...
-
Senior Cyber Security Analyst
4 weeks ago
Brisbane, Queensland, Australia The Decipher Bureau Full timeJob Title: Senior GRC Security AnalystWe are seeking a highly skilled Senior GRC Security Analyst to join our team at The Decipher Bureau. As a key member of our team, you will play a critical role in implementing and maintaining our Information Security Management System (ISMS) based on ISO 27001, ASD ISM, and PSPF standards.Key Responsibilities:Develop and...
-
Information Security Operations Analyst
2 months ago
Brisbane, Australia Virgin Australia Full time**Work type**: Full Time**Location**: Brisbane**Job type**: IT**Applications close**: **Information Security Operations Analyst**: - Full-time, Brisbane based position Hello. We’re Virgin Australia. We’re the airline that’s always done things a little different. Our way. The Virgin way. We’re on a mission to make flying better than ‘nice’. And...
-
Senior Cyber Security Analyst
3 months ago
Brisbane, Australia Ashurst Full timeJob Title Senior Cyber Security Analyst ...
-
Senior Cyber Security Analyst
4 weeks ago
Brisbane, Queensland, Australia Ashurst Full timeJob Title: Senior Cyber Security AnalystLocation: BrisbaneWe are seeking a highly skilled Senior Cyber Security Analyst to join our global team in Brisbane, on a full-time permanent basis.The Opportunity:The Senior Cyber Security Analyst will be responsible for implementing and maintaining advanced security controls, conducting comprehensive security...
-
Information Security Operations Analyst
1 month ago
Brisbane, Queensland, Australia Virgin Australia Full timeAbout the RoleWe are seeking an experienced Information Security Operations Analyst to join our team at Virgin Australia. As a key member of our Security Operations team, you will play a critical role in monitoring and responding to information security incidents, ensuring the confidentiality, integrity, and availability of our systems and data.Key...
-
Information Security Operations Analyst
4 weeks ago
Brisbane, Queensland, Australia Virgin Australia Full timeAbout the RoleWe are seeking an experienced Information Security Operations Analyst to join our team at Virgin Australia. As a key member of our Security Operations team, you will play a critical role in monitoring and responding to information security incidents, ensuring the confidentiality, integrity, and availability of our systems and data.Key...
-
Brisbane, Queensland, Australia Talent International Full timeTalent International is seeking a skilled Business Information Security Analyst.This exciting Information Security Program position focuses on ensuring the alignment of business processes with information security standards.Key Responsibilities:Analyse and document business requirements for ISO 27001 certification projects.Collaborate with stakeholders to...
-
Information Security Intelligence Analyst
5 months ago
Brisbane, Australia Virgin Australia Full time**Work type**: Full Time**Location**: Brisbane**Job type**: IT**Applications close**: **Information Security Intelligence Analyst**: Hello. We’re Virgin Australia. We’re the airline that’s always done things a little different. Our way. The Virgin way. We’re on a mission to make flying better than ‘nice’. And to do that, it takes a team of...
-
Security Analyst
5 months ago
Brisbane, Australia Gateway Synergy Recruitment Full timeExperience with analysing gateway & network security monitoring solutions - Brisbane based, must have Baseline security clearance Gateway Synergy is looking for highly experienced Security Analyst contractor. The security infrastructure analyst will have experience in performing current state analysis, requirements analysis definition and implementation of...
-
Information Security Operations Analyst
4 weeks ago
Brisbane, Queensland, Australia Virgin Australia Airlines Full timeAbout the RoleWe're seeking a highly skilled Information Security Operations Analyst to join our team at Virgin Australia Airlines. As a key member of our security operations team, you will play a critical role in monitoring and responding to information security incidents, ensuring the confidentiality, integrity, and availability of our systems and data.Key...
-
Information Security Manager
5 months ago
Brisbane, Australia Cubic Corporation Full timeBusiness Unit: Cubic Transportation Systems Company Details: When you join Cubic, you become part of a company that creates and delivers technology solutions in transportation to make people’s lives easier by simplifying their daily journeys, and defense capabilities to help promote mission success and safety for those who serve their nation. Led by our...
-
Senior Cyber Security Analyst
1 month ago
Brisbane, Queensland, Australia Ashurst Full timeAbout the RoleWe are seeking a highly skilled Senior Cyber Security Analyst to join our global team in Brisbane. As a key member of our security team, you will be responsible for implementing and maintaining advanced security controls, conducting comprehensive security assessments, and managing and responding to complex security incidents.Key...
-
Brisbane, Queensland, Australia Talent International Full timeBusiness Analyst Job DescriptionWe are seeking a highly skilled Business Analyst to join our Information Security Program with Talent International. The successful candidate will play a pivotal role in analysing and documenting business requirements for ISO 27001 compliance, with the potential to support additional compliance initiatives, including SOC 2.Key...
-
Senior Cyber Security Analyst
4 weeks ago
Brisbane, Queensland, Australia The Decipher Bureau Full timeAbout the RoleWe are seeking a highly skilled and experienced Senior Cyber Security Analyst to join our team at The Decipher Bureau. As a key member of our team, you will be responsible for driving the implementation of our Information Security Management System (ISMS) in accordance with ISO 27001, ASD ISM & Essential 8, and other relevant standards.Key...
