Website Cubic

Responsible for leading a small team of operational security analysts applying IT security tools and processes to manage and report operational information security risk as a service provider to Cubic’s customers.  Recognised internally as a subject matter expert. Works autonomously, able to assess and drive work priorities, with limited support or guidance needed from senior security function leadership.

  • Lead and supervise the team on a day to day basis, ensuring that the team is adequately resourced and has the required skills and ability to deliver the agreed level of service to our customers.
  • Contribute to the technical strategy and procedures for the team and ensure that the team’s objectives are aligned with the business objectives as set by senior management.
  • Work collaboratively with internal stakeholders to develop and facilitate team performance improvements.
  • Provide expert technical on-the-job training, alongside the Learning & Development team, coaching and mentoring to the team
  • Leads security incident and event management and other operational cyber security monitoring  generated by security control tools in accordance with established procedures and security standards.  Examples include responding to and reporting from automated alerting systems, audit logs, IDS/IDP logs, anti-virus and firewall systems.
  • Leads incident response, undertakes security investigations and compiles incident and problem management/ root cause analysis reports. Implements corrective actions where required.
  • Leads vulnerability management process for the region.
  • Leads external penetration test activities procured from vendors and ensures remediations are documented and implemented.
  • Installs, manages and improves technical security control tools and processes.
  • Ensures change control requests are reviewed against cyber security requirements to reduce the risk  of weakening existing security controls. Participates in the evaluation, testing and implementation of such changes.
  • Leads security control reviews for all types of IT infrastructure and business applications and recommends appropriate action across the wider Security function.
  • Supports mobilisation of new customer programmes and new systems and ensures readiness for operations via established service transition processes within region.
  • Supports internal and external customers defining their needs for new access rights and privileges.
  • Ensures key performance/ key risk information is collated and delivered to internal and external customers according to schedule.
  • Contributes to other information security, contingency planning and related activities.
  • May be required to work at or travel  on to other local Cubic sites and datacentres.
  • Comply with Cubic’s values and adherence to all company policy and procedures.  In particular comply with the code of conduct, quality, security and occupational health, safety and environmental policies and procedures.
  • In addition to the duties and responsibilities listed, the job holder is required to perform other duties assigned by their manager from time-to-time, as may be reasonably required of them.

To apply for this job please visit