Verra Mobility is a global leader in smart mobility. We develop technology-driven solutions to make transportation safer and more convenient worldwide. We work with police departments and municipalities across North America, the Asia Pacific and Europe to install safety cameras, including red-light, speed, and school bus stop arm cameras. We manage tolling transactions and violations for the world's largest commercial fleets and rental car companies, serving over 8.5 million vehicles whilst, via our proprietary connected systems, are processing nearly 165 million transactions each year for more than 50 tolling authorities.

We are seeking an experienced Information Security Analyst – Security Ops & Risk to strengthen our information security capability across Australia and the broader international business.

This is a permanent, full-time and hybrid role, working from home and our National Head Office, South Melbourne.

The role: 

This hands-on role suits someone with strong security operations experience who can operate independently as a key security resource in the business. You will take ownership of security monitoring, vulnerability management, incident response, control improvement and security reporting.

Beyond SOC monitoring, you will investigate security events, coordinate remediation, improve processes, support audits and work with technology, operations and corporate teams to manage security risk in a regulated environment.

As an Information Security Analyst at Verra Mobility you will work on:

• Monitor, triage and investigate security alerts across SIEM, EDR, network and cloud environments.
• Coordinate security incidents, including investigation, escalation, documentation, containment and post-incident review.
• Own vulnerability management activities, including scanning, prioritisation, remediation tracking and reporting.
• Review security controls across cloud, endpoint, network and application environments.
• Support penetration testing, external assessments and remediation planning.
• Improve detection, response and reporting capability across security tools and processes.
• Maintain security documentation, incident reports, risk records and audit evidence.
• Partner with IT, engineering, operations and external vendors to reduce security risk.
• Support compliance, governance and audit activities across a regulated technology environment.
• Contribute to the maturity of security practices, processes, standards and controls

Technical Skills

• SIEM, EDR, IDS/IPS, vulnerability scanning and incident response tools.
• Cloud security exposure across AWS, Azure or similar environments.
• Understanding of IOCs, MITRE ATT&CK, phishing, malware and common attack techniques.
• Familiarity with security frameworks such as Essential Eight, ISO 27001, NIST CSF or similar.

Who are you?

You are an experienced security operations professional who can operate independently as a trusted security resource in the business. You bring hands-on experience across security monitoring, incident response, vulnerability management and control improvement, with the judgement to investigate issues, coordinate remediation and manage risk in a regulated environment.

You are accountable, analytical and calm under pressure, with clear communication skills and the confidence to work effectively with technical and non-technical stakeholders.

To apply, click below, submit your resume and a cover letter detailing your suitability for the role. We look forward to your application!

We value the unique backgrounds, experiences, and contributions that each person brings to our community and encourage and celebrate diversity.  First Nations people, those identifying as LGBTQIA+, females, people of all ages, with disabilities and culturally and linguistically diverse people are encouraged to apply. Our aim is to create a workforce that reflects the community in which we live.

Position Overview: 

The Director of Information Security is responsible for the design, development and implementation of enterprise cybersecurity solutions and will report to the Vice President of Information Security. This position is the highest-level technical expert and is responsible for managing the cybersecurity architecture and engineering functions. The Director of Information Security is also responsible for monitoring and verifying that the enterprise is appropriately protected from internal and external threats, while enabling the organization to work effectively and productively.

Essential Responsibilities: 

• Responsible for the planning, design and implementation of security measures created to safeguard access to resources, enterprise networks, computer systems, and data elements. Setting the strategy for the enterprise cybersecurity solutions.
• Configure, deploy, fine tune, and monitor SIEM, WAF, Firewall, Zero-Trust, IAM, MFA, EPP, SOAR, Vulnerability Management, Threat Intelligence, DLP, CASB, Secure Web & Email Gateway.
• Stay abreast of industry best practices in risk management techniques and integrate new methods and tools as appropriate.
• Monitor vendor and third-party security reports/lists and proactively patch vulnerabilities.
• Work with business line executives to provide visibility into the security risks with a standard risk management approach to track, mitigate and report on the risks.
• Engage with internal and external partners to help design, test, and implement state-of-the-art secure operating systems, applications, networks, and database products/solutions.
• Lead and participate in security operations support and incident management.
• Oversee individual contributors such as security engineers to provide them with clear vision and goals so that cybersecurity is seen as an integral component of enterprise architecture and portfolio management.
• Serve as the cybersecurity subject matter expert by providing guidance and consulting services to IT teams and business units.
• Maintains proper documentation for all security products and processes.

Qualifications:

• Bachelor’s degree from an accredited university.
• 10 years of progressive technology experience
• Minimum of 5 years of experience in a cybersecurity engineering or architecture leadership role.
• The ability to motivate and lead a team of cybersecurity staff supporting the organization’s goal and leads the process of developing a security vision for the future.
• Articulate with strong business acumen and executive presence.
• Foster and build a collaborative working relationship with various stakeholders.
• Expert in information security management, and business risk management.
• Ability to develop and maintain relationships with senior leaders at Verra Mobility and with customers, up to and including C-level executives.
• Must be adept at developing senior management presentations, enterprise communications, and whitepapers that are logical and concise with only general guidance from the VP, Cybersecurity and others to support senior executive reviews and initiatives.
• Must be proficient in leading cross-functional teams of senior employees to achieve objectives.
• Extensive experience in strategic planning, budgeting, and allocation.
• Direct experience leading and managing employees.
• Experience implementing cybersecurity solutions supporting defense-in-depth architecture.
• Experience developing cybersecurity best practices and standard operating procedures.
• Coachable and willing to learn with positive demeanor.
• Ability to take initiative and drive results.
• Minimum (DoD Directive 8140) certification of CISSP or CompTIA Security+.
• Proficiency in scripting languages that enable automation (i.e. Python, PowerShell, Bash).
• Strong organizational and time management abilities with formal project management experience.
• Work well under pressure and respond to tight deadlines while exercising sound judgment.
• Ability to work collaboratively with diverse stakeholders.
• Proficiency in Microsoft Office (i.e., excel xlookup, Power BI report building).
• Experience working in a regulated industry and confirming cybersecurity practices to SOX, PCI, NIST, ISO, SOC 2, and many others.
• Must be locally located and comfortable working a 3 days in office hybrid model and 2 days remote.

Desired Skills:

• Other security certifications, such as GSEC, OSCP, CISM, etc.
• Demonstrated ability to multi-task, respond to needs quickly and efficiently and prioritize work with a strong attention to detail.
• Must be a self-starter and possess the qualities to work efficiently, effectively, and autonomously with general supervision.

This position is not eligible for sponsorship now or in the future and is only considering local Arizona talent.

Position Overview: 

The Director of Information Security is responsible for the design, development and implementation of enterprise cybersecurity solutions and will report to the Vice President of Information Security. This position is the highest-level technical expert and is responsible for managing the cybersecurity architecture and engineering functions. The Director of Information Security is also responsible for monitoring and verifying that the enterprise is appropriately protected from internal and external threats, while enabling the organization to work effectively and productively.

Essential Responsibilities: 

• Responsible for the planning, design and implementation of security measures created to safeguard access to resources, enterprise networks, computer systems, and data elements. Setting the strategy for the enterprise cybersecurity solutions.
• Configure, deploy, fine tune, and monitor SIEM, WAF, Firewall, Zero-Trust, IAM, MFA, EPP, SOAR, Vulnerability Management, Threat Intelligence, DLP, CASB, Secure Web & Email Gateway.
• Stay abreast of industry best practices in risk management techniques and integrate new methods and tools as appropriate.
• Monitor vendor and third-party security reports/lists and proactively patch vulnerabilities.
• Work with business line executives to provide visibility into the security risks with a standard risk management approach to track, mitigate and report on the risks.
• Engage with internal and external partners to help design, test, and implement state-of-the-art secure operating systems, applications, networks, and database products/solutions.
• Lead and participate in security operations support and incident management.
• Oversee individual contributors such as security engineers to provide them with clear vision and goals so that cybersecurity is seen as an integral component of enterprise architecture and portfolio management.
• Serve as the cybersecurity subject matter expert by providing guidance and consulting services to IT teams and business units.
• Maintains proper documentation for all security products and processes.

Qualifications:

• Bachelor’s degree from an accredited university.
• 10 years of progressive technology experience
• Minimum of 5 years of experience in a cybersecurity engineering or architecture leadership role.
• The ability to motivate and lead a team of cybersecurity staff supporting the organization’s goal and leads the process of developing a security vision for the future.
• Articulate with strong business acumen and executive presence.
• Foster and build a collaborative working relationship with various stakeholders.
• Expert in information security management, and business risk management.
• Ability to develop and maintain relationships with senior leaders at Verra Mobility and with customers, up to and including C-level executives.
• Must be adept at developing senior management presentations, enterprise communications, and whitepapers that are logical and concise with only general guidance from the VP, Cybersecurity and others to support senior executive reviews and initiatives.
• Must be proficient in leading cross-functional teams of senior employees to achieve objectives.
• Extensive experience in strategic planning, budgeting, and allocation.
• Direct experience leading and managing employees.
• Experience implementing cybersecurity solutions supporting defense-in-depth architecture.
• Experience developing cybersecurity best practices and standard operating procedures.
• Coachable and willing to learn with positive demeanor.
• Ability to take initiative and drive results.
• Minimum (DoD Directive 8140) certification of CISSP or CompTIA Security+.
• Proficiency in scripting languages that enable automation (i.e. Python, PowerShell, Bash).
• Strong organizational and time management abilities with formal project management experience.
• Work well under pressure and respond to tight deadlines while exercising sound judgment.
• Ability to work collaboratively with diverse stakeholders.
• Proficiency in Microsoft Office (i.e., excel xlookup, Power BI report building).
• Experience working in a regulated industry and confirming cybersecurity practices to SOX, PCI, NIST, ISO, SOC 2, and many others.
• Must be locally located and comfortable working a 3 days in office hybrid model and 2 days remote.

Desired Skills:

• Other security certifications, such as GSEC, OSCP, CISM, etc.
• Demonstrated ability to multi-task, respond to needs quickly and efficiently and prioritize work with a strong attention to detail.
• Must be a self-starter and possess the qualities to work efficiently, effectively, and autonomously with general supervision.

This position is not eligible for sponsorship now or in the future and is only considering local Arizona talent.