
Security Analyst (Brisbane City)

Brisbane
Cubic
Posted: 2 October
Offer description

Overview

When you join Cubic, you become part of a company that creates and delivers technology solutions in transportation to make people’s lives easier by simplifying their daily journeys, and defense capabilities to help promote mission success and safety for those who serve their nation. Cubic Transportation Systems (CTS) and Cubic Defense (CD) are part of a top-tier portfolio of businesses. Explore more on Cubic.com.

Job Details

Cubic Transportation Systems (CTS) is a global leader in intelligent transportation solutions, specializing in technologies that make public transit more efficient, accessible, and user-friendly. A significant feature is providing Fare and Payment card services to government and municipal customers across the globe.

Job Summary

As a member of the Cubic Information Security Team, you will be responsible for supporting efforts to monitor security for Cubic systems and assist in the analysis of and response to incidents. The successful candidate must be proficient at security monitoring using Tenable, CrowdStrike, Splunk, Imperva, and other security tools. Work will be on Windows and Linux assets in cloud or data centers. Analysts will be responsible for IT security tools and processes to manage and report operational security risks to operations teams for remediation. The analyst must have an intimate awareness of PCI security compliance expectations. The candidate will be a partner to support external audits to facilitate PCI-DSS, ISO 27001, and SOC compliance/audit efforts. Scanning operations will involve routine daily or weekly operations as well as support for pen testing or audit efforts. Findings must be risk rated and effectively escalated for remediation. The role is recognized internally as a subject matter expert. The analyst works autonomously and is able to assess and drive work priorities with limited support or guidance.

Responsibilities

- Security Monitoring Configuration

- Design and implement security monitoring solutions using SIEM, EDR, NDR, CSPM, and cloud-native tools (e.g. Azure Cloud Defender, AWS Security Hub, GuardDuty, Inspector, CloudWatch).
- Integrate log sources from on-prem systems (firewalls, servers, endpoints, network devices) and cloud platforms (IaaS, PaaS, SaaS) into centralized monitoring systems.
- Develop and tune detection rules and correlation logic to identify suspicious behavior, policy violations, and potential threats.
- Tune detection rules to reduce false positives and improve signal-to-noise ratio.
- Maintain visibility across hybrid environments by ensuring telemetry coverage and log integrity.

- Threat Detection and Analysis

- Monitor alerts and logs for indicators of compromise (IOCs) and suspicious activity.
- Correlate events across multiple sources to identify potential threats.
- Perform triage and initial investigation of alerts to determine severity, scope, and potential impact.
- Use threat intelligence feeds to enrich alerts and prioritize response.

- Incident Escalation and Coordination

- Document and escalate validated security incidents to the appropriate operations or incident response teams.
- Provide detailed context, including affected systems, users, and potential impact.
- Collaborate with operations staff to ensure timely containment, eradication, and recovery.
- Track and report on escalated incidents, including root cause analysis and remediation status.

- Continuous Improvement

- Review and refine detection logic based on incident post-mortems, false positives, emerging threats, and operational feedback.
- Participate in threat hunting and proactive analysis to identify gaps in monitoring coverage.
- Recommend and implement automation for alert triage and response workflows.
- Contribute to playbooks and standard operating procedures for alert handling and escalation.
- Stay current with emerging threats, vulnerabilities, and security technologies.

- Compliance and Reporting

- Ensure monitoring configurations support regulatory and policy requirements (e.g., PCI, ISO 27001, GDPR, CIS).
- Generate reports on security posture, alert trends, and incident metrics for leadership and governance teams.
- Assist with audits and provide evidence of monitoring controls and incident handling.

- General Duties and Responsibilities

- Demonstrate accountability for work assignments and proactive communications about issues and status.
- Uphold professional standards with customers and system stakeholders.
- Be self-motivated and able to work unsupervised; be methodical and detail-oriented.
- Seek guidance from security subject matter experts when required.
- Collaborate with staff at all levels and in other locations; comply with Cubic’s Quality Management System and HR procedures.

Skills/Experience/Knowledge

Essential

- Familiarity with PCI DSS 4, ISO, and/or SOC I/II requirements and audits.
- Experience installing, configuring and supporting Tenable, CrowdStrike, Splunk, and Imperva in Windows and Linux environments.
- Experience monitoring in Azure and AWS cloud environments, as well as in data centers.
- Strong understanding of network security; experience as a network security admin and/or cloud or systems security admin is preferred.
- Advanced collaboration with stakeholders in a cross-functional IT organization; able to advise others on complex matters.
- Ability to work under limited supervision and exercise discretionary decision-making authority.

Desirable

- Deep understanding of security risks and threats related to the company’s operating environments.

Qualifications

Essential

- Minimum 8 years’ experience in services or IT systems in a mission critical setting.
- University degree in Computer Science, Engineering, or other technical fields, or Business Administration with relevant IT work experience.
- At least 5 years’ experience in IT security and/or Payment Card processing systems; solid ability to understand complex internally developed systems.
- Must reside within commuting distance from CTS offices in Brisbane QLD, Sydney NSW or Wellington NZ, and be able to travel within the region as needed.

Desirable

- ISACA CISA/CISM/CRISC, ISC2 CISSP, BCS CISMP/IISP or equivalent certifications.
- PCI SSC certifications (QSA).

Condition of Employment

Successful outcome of a National Police Check

Worker Type

Employee
