Security Analyst
Stockton-On-Tees
We have a top-tier portfolio of businesses, including Cubic Transportation Systems (CTS) and Cubic Defense (CD). Explore more on Cubic.com.Job Details:
Job Summary:
Responsible for applying IT security tools and processes to manage and report operational information security risk as a service provider to customers. Works with internal service and technical teams to manage the outputs of security systems. Provides guidance and expertise regarding operational service calls, incidents and problems, and general awareness of information security. This position typically works under general supervision and direction. Incumbents will regularly exercise discretionary decision-making authority.
Essential Job Duties and Responsibilities:
- Works autonomously to recognize, investigate and reconcile violation reports and logs generated by detection systems in accordance with established procedures and security standards. Examples include but are not limited to responding to and reporting from automated alerting systems, auditing logs, IDS/IDP logs, anti-virus and firewall systems.
- Installs, manages and improves technical security control tools.
- Undertake security investigations and compiles outcome reports. Implements recommendations where required.
- Creates and delivers user documentation and security awareness literature and training
- Contributes to the assessment of the potential impact on existing access security mechanisms of specific planned technical changes, in order to help ensure that potential compromise or weakening of existing security controls is minimized. Participates in the evaluation, testing and implementation of such changes.
- Ensures that coordination and change control are applied to technical specifications and to the technical infrastructure.
- Leads risk assessments and security control reviews for all types of business applications and computer installations and recommends appropriate action to management.
- Supports internal and external customers defining their needs for new access rights and privileges.
- Contributes to other information security, contingency planning and related activities.
- Some manual handling may occasionally be required. May be required to work on other Cubic sites and data centers.
- Provide training and guidance to the wider team, promoting best practice and process improvement.
- Comply with Cubic’s values and adherence to all company policy and procedures. In particular comply with the code of conduct, quality, security and occupational health, safety and environmental policies and procedures.
- This role is required to participate in an on-call rotation.
- In addition to the duties and responsibilities listed, the job holder is required to perform other duties assigned by their manager from time-to-time, as may be reasonably required of them.
Minimum Job Requirements:
Skills knowledge and experience:
Essential:
- Demonstrable experience in security operations or development roles.
- Sound knowledge of change and configuration management, reliability and safety methods and the use of metrics.
- Extensive knowledge of information security and technologies
- Significant experience in an IT environment
- In depth understanding of IT security control tools, e.g. ArcSight, Splunk, Qualys, Nessus, Tripwire, OSSec, Cisco IPS, McAfee, IBM Guardium, Centrify, Barracuda WAF
Desirable:
- ISO 27001/PCI-DSS compliance experience
- Experience of quality management systems e.g. ISO 9001
- Understanding of security within agile and waterfall project methods
Education and qualifications
Essential:
- University degree in a relevant subject (e.g. information security, encryption, computer science, maths, engineering) or equivalent educations/experience
- Certification as an Information Security professional (e.g. IISP/CISA/CISM/SSCP/ CISSP/ ISA)
Desirable:
- A university master-level degree in a relevant subject
- IT vendors’ certifications
- ITIL v3/ Prince2 foundation level/ TOGAF 9
Personal Qualities
- Able to work effectively and uphold professional standards and confidentiality with internal and external stakeholders at all levels
- Self-motivated
- Able to work on own initiative, unsupervised
- Attention to detail and adherence to procedures
- Strong customer service skills
- Strong verbal and written communications skills
- Ability to understand corporate objectives to implement them as business unit policy
- Ability to travel
The description provided above is not intended to be an exhaustive list of all job duties, responsibilities and requirements. Duties, responsibilities and requirements may change over time and according to business need.
#LI-JR1#LI-HybridWorker Type:Employee* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Agile ArcSight Audits CISA CISM CISSP Compliance Computer Science Encryption Firewalls IDS IPS ISO 27001 ITIL Nessus Qualys Risk assessment Splunk SSCP TOGAF Travel Tripwire
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Senior Cybersecurity Engineer jobs
- Open Security Operations Engineer jobs
- Open Cloud Security Architect jobs
- Open Information Security Officer jobs
- Open Principal Security Engineer jobs
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Chief Information Security Officer jobs
- Open IT Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Cyber Security Architect jobs
- Open Senior Product Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Senior Network Security Engineer jobs
- Open Staff Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Security Specialist jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Security Consultant jobs
- Open Security Operations Analyst jobs
- Open Senior Information Security Analyst jobs
- Open IT Security Analyst jobs
- Open Senior Information Security Engineer jobs
- Open Information System Security Officer jobs
- Open Information System Security Officer (ISSO) jobs
- Open Agile-related jobs
- Open Risk assessment-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open SOC-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open GCP-related jobs
- Open IAM-related jobs
- Open Application security-related jobs
- Open Pentesting-related jobs
- Open Threat intelligence-related jobs
- Open Vulnerability management-related jobs
- Open DevOps-related jobs
- Open DoD-related jobs
- Open CEH-related jobs
- Open APIs-related jobs
- Open Security Clearance-related jobs
- Open Malware-related jobs
- Open SaaS-related jobs
- Open Security assessment-related jobs
- Open Kubernetes-related jobs
- Open Java-related jobs
- Open EDR-related jobs
- Open DevSecOps-related jobs