Business Unit:

Cubic Transportation Systems

Company Details:

Cubic offers an opportunity to provide innovative technology for government and commercial customers around the globe, helping to solve their future problems today. We’re the leading integrator of payment and information technology and services for intelligent travel solutions worldwide, and the leading provider of realistic combat training systems, secure communications and networking and highly specialized support services for military and security forces of the U.S. and allied nations. If you have an entrepreneurial spirit and thrive in an innovative environment, we want to talk to you about your next role at Cubic! We are seeking employees inspired by technology, and motivated by the rewards of hard work, commitment, teamwork, quality, integrity, and respect. We invite you to explore opportunities with Cubic.

Job Details:

Job Summary:

The role of the Programme Information Security Manager is to provide information security and compliance management for a specific Cubic customer. This position typically works under limited supervision and direction. Reports to the EMEA Information Security Manager. This role is an individual contributor.

Essential Job Duties and Responsibilities:

  • All aspects of the operational delivery and day-to-day execution of Security Services including but not limited to:
      • management, delivery and operation of the Security Services resources;
      • management, delivery and operation of the Security Requirements, including the Service Provider’s information security management system (ISMS); and
      • management, delivery and implementation of the ICT Services plans and the operational policies and processes required to deliver and execute the ICT Services plans;
  • Ensuring that Security processes, practices and tools for the Services, compliant with EU and Irish legal and regulatory requirements, are in place and operating effectively and efficiently, including but not limited to:
      • Data Protection Law;
      • Applicable Law relating to payment services Regulations;
      • Applicable Law relating to accessibility requirements;
      • Health and Safety Legislation;
  • Coordinating and managing the delivery and reporting of the Security Services;
  • Ensuring that the Security Services are established and executed in compliance with the requirements of the Framework Agreement and any Call-Off Contract;
  • Ensuring security of the System;
  • Operational performance and achievement of Security KPIs and PIs;
  • Fulfilment of security related Service Requests and Change Requests;
  • All matters requiring Changes arising throughout the Security Services and communicating with the customer, keeping them apprised of progress on change requests;
  • Mitigating and solving escalations with urgency and determination;
  • Demand management and all Security resources (including personnel, processes, technology and facilities) necessary to fulfil Security Services, including coordination and escalation with the ICT Manager / Systems Manager for demand management of ICT resources;
  • Coordinating and managing the resolution and reporting of all Security incidents and problems encountered by the Service Provider including those reported by the customer;
  • Communicating with the customer and all relevant stakeholders, keeping them apprised of progress on Security incidents, problems and service requests;
  • Achieving and demonstrating compliance with the Security requirements and controls under the Framework Agreement and any Call-Off Contract;
  • Providing the customer and its auditors with access to any records relating to the Security Services, any location or premises from which the Service Provider provides the Security Services and any records or premises of any Service Provider Staff (including the remote working sites) relating to the Security Services;
  • Providing assurance reports and any external certifications, accreditations and regulatory assurance reports it relies upon to deliver the Security Services to the customer including but not limited to:
      • any information security certifications such as ISO/IEC 27001, ISO 27002 certifications;
      • any PCI compliance certification and attestations such as any PCI Self-Assessment Questionnaires (SAQs), PCI Attestations of Compliance (AOC) reports or any Reports on Compliance (ROC) reports;
      • any EMVCo approvals; and
      • any external vulnerability assessment on physical premises and Services and System environments and devices (including Cloud environments) used in the performance of the Services;
  • Reporting to the customer in accordance with the requirements of the customer’s Framework Agreement and any Call-Off Contract;
  • Attending the relevant Governance and Performance Review Meetings between the Service Provider and the customer to manage and review the Service Provider Security Services performance under the customer’s Framework Agreement and any Call-Off Contract;
  • Arranging meetings, when required to discuss and seek resolution of issues; and
  • The management and continuous improvement of the Security Services.
  • Some manual handling may occasionally be required
  • May be required to work on other Cubic sites and datacentres
  • Comply with Cubic’s values and adhere to all company policies and procedures. In particular, comply with the code of conduct, quality, security and occupational health, safety and environmental policies and procedures.
  • In addition to the duties and responsibilities listed, the job holder is required to perform other duties assigned by their manager from time-to-time, as may be reasonably required of them.

Minimum Job Requirements:

Qualifications

Essential:

  • A university degree in a numerate subject (e.g. computer science, maths, engineering, natural science) or equivalent
  • Certification(s) as an information security professional (e.g. IISP/CISA/CISM/CISSP/CCSP/ISA/QSA/CDPSE/CIPM)

Desirable:

  • ITIL / Prince2 / TOGAF

Skills/Experience/Knowledge

Essential:

  • Knowledge of wider security, audit, risk and compliance standards, e.g. PCI-P2PE, PCI-POI-PTS, ISO 27001/2, ISO27005, ISAE3402, GDPR and governance/risk/compliance tools, as well as quality management systems and external audit standards, e.g. ISO 9001, ISAE3402
  • Significant experience working in security lead roles in a senior role on AFC ticketing technology projects of a similar scope and scale to the customer’s services
  • Experience operating at least one (1) ticketing AFC technology project of a similar scope and scale
  • Current driving licence

Desirable:

  • Experience of transactional revenue, embedded, smartcards and mobile payment systems
  • Knowledge / experience of security architecture of major public cloud services e.g. Microsoft Azure, Amazon Web Services, Google Cloud, Cloud Access Service Brokers
  • In-depth understanding of information security controls, e.g. SIEM, XDR/AV, FIM, WAF, and GRC tools

Personal Qualities

  • Must be able to work effectively and uphold professional standards and confidentiality with Cubic’s external and internal customers, third parties and staff at all levels of these organisations. 
  • Self-motivated, able to work on own initiative and as part of an international matrix team, unsupervised, and be recognized by their peers as inspirational and the “go-to” person for solving problems.
  • Able to juggle multiple tasks with deftness and adherence to deadlines.
  • Tenacity to keep going when things get difficult, an optimistic and upbeat personal manner
  • Strong verbal and written communications skills in English.
  • A degree of flexibility required in working time due to supporting a 24/7 operation and to liaise with colleagues in multiple time zones.

The description provided above is not intended to be an exhaustive list of all job duties, responsibilities and requirements. Duties, responsibilities and requirements may change over time and according to business need.

Worker Type:

Employee

Confirmed 10 hours ago. Posted 30+ days ago.