Security Engineer (Security Testing)

The Company

Founded in 2009, Cubic Telecom has grown to become one of the leading providers of connectivity solutions and analytics services that help vehicle and IoT device manufacturers manage and grow revenue streams. Fast paced, smart, ambitious, and continually seeking new, ideas. That’s us, is it you? At Cubic you will find an environment filled with energy and collaboration, where we set out every day to improve not just the world, but ourselves and each other.

We believe in leadership that supports empowerment and responsibility, while recognising and developing leadership qualities across Our Team. Together we bring out the best in each other. So, whether you’re interested in joining us as an individual contributor, manager, senior leader – or someone who aspires to growing into a leadership role – we look for people who are results focused, empathetic, visionary, empowering, and who ‘champion’ our cultures and values.

The Role

Cubic are hiring a security engineer, with experience in secure engineering practices. The role will be involved across all stages of the Product lifecycle and will be responsible for ensuring that Cubic’s products and systems design & architecture are developed with security best practices in mind. This includes but not limited to:

• Product Architecture - Security Controls
• Cloud Security
• API Security
• Network Security
• Threat Modelling
• DR & BC plans
• Data Handling & Processing
• Encryption Standards & Industry Compliance
• Fulfilling Customer Expectations & Cubic Security benchmark standards
• The role will also engage across a broad range of activities in the Cyber security area as part of Cubic’s cyber security team.

Responsibilities:

• Day to day membership of the Cubic cyber security team.
• Hands on execution of security tools and processes for security testing.
• Performing Penetration testing on Web, API & Network
• Engagement across Cubic as a cyber security subject matter expert.

Requirements

Essential Experience and Qualifications:

• 3 to 5 years’ experience in the Cyber-security industry, with hands on experience of security testing, vulnerability management
• Experience owning and executing a security testing programme.
• Ability to analyse complex security issues and develop effective solutions
• Industry accepted security certifications (CISSP, CISM, CompTIA, CEH, OSCP, etc.)
• Detailed knowledge of current / popular web application vulnerability / attack vectors including, but not limited to, OWASP Top 10.
• Knowledge of regulatory guidelines and standards such as GDPR, PCI-DSS, CIS, NIST etc
• Familiarity with MITRE ATT&CK Enterprise Matrix and MITRE D3FEND

 Desired Experience and Qualifications

• Experience in the Telecoms industry is desirable, but not mandatory.
• Good Understanding of Azure Cloud & CI/CD pipelines
• Experience in automation of security tooling would be an advantage for this role.
• Experience in ISO27001 / ISMS implementation would also be an advantage.

Benefits

• 25 days annual leave (pro-rated) + 2 company days
• Health Insurance
• Pension Contribution
• ESOP
• Death in Service Benefit
• Tax saver scheme
• Learning and Development Supports
• Career Development Opportunities
• Bits & Bobs days (paid half day every quarter to get your Bits & Bobs completed)
• Bike to work scheme
• Sports and Social Club
• Regular social events

Cubic Telecom is an equal opportunities employer and committed to fostering a diverse and inclusive workplace.