Staff Cybersecurity Engineer

It’s not just about your career or job title… It’s about who you are and the impact you will make on the world. Because whether it’s for each other or our customers, we put People First. When our people come together, we Expand the Possible and continuously look for ways to improve what we create and how we do it. If you are constantly striving to grow, you’re in good company. We are revolutionizing the way the world moves for future generations, and we want someone who is ready to move with us.

Who will you be working with?

Join Enterprise Information Security (EIS) to drive cybersecurity excellence leveraging intelligence, strategic partnerships, and analysis. Collaborate daily with Information Security Assurance, Enterprise Security Services, Security Operations, and key Information Technology stakeholders to advance our information security capabilities.

How will you make a difference?

Join Enterprise Information Security and contribute to the protection of IT systems and services. As a Staff Cybersecurity Engineer, reporting to the Senior Manager of Security Operations, you will be responsible for designing and implementing security requirements and controls for enterprise protection services, including endpoint detection & response (EDR), email security, and data loss prevention (DLP) technologies. Your role will involve ensuring the security and integrity of Wabtec's enterprise environments, offering technical security guidance to cross-functional teams, and evaluating existing application services and infrastructure designs to recommend remediations that mitigate information security risks. This position offers an opportunity to support cybersecurity excellence within the organization.

What do we want to know about you?

You must have:

• Bachelor’s degree in computer science, Information Technology, or a related field, or a minimum of 8 years of full-time experience in cybersecurity
• Expertise with deploying, configuring and maintaining Endpoint Detection & Response
• Extensive expertise in Microsoft 365 (M365) security and governance practices
• Knowledge of email security best practices and Exchange Online controls
• Experience with Unified Endpoint Management
• Experience with creating and managing hardened secure baselines
• Experience managing workstreams and transparency with IT Service Management
• Experience with Python, PowerShell, or related scripting/coding languages to automate enterprise security workflows
• Experience with security frameworks such as NIST, ISO, and CIS and decomposing them to granular security requirements and configurations
• Experience with hands-on implementation and analysis of security configuration policies in an enterprise IT context
• Excellent analytical and problem-solving skills with the ability to work
• Excellent communication and interpersonal skills
• Must be willing to work weekends/off-shift hours, as needed during incidents

We would love it if you had:

• Bachelor’s degree in computer science, Information Technology, or a related field
• Ability to work unsupervised
• Strategic and creative thinking to analyze issues that may arise and create solutions
• Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most recommendation to leadership
• An ability to communicate complex and technical issues to diverse audiences, orally and in writing, in an easily understood, authoritative, and actionable manner
• Proven ability to remain task-driven and keep leadership updated on project status
• Ability to respond positively to feedback and implement changes in process and procedures as needed
• Understanding of network security, application security, and cloud security
• CISSP, Microsoft, or CompTIA security certification is preferred
• Ability to work in a fast-paced environment with effective project management skills and ability to work on a Global team
• Excellent communication skills with the ability to manage joint response and remediation efforts and constructively influence peers and leadership
• Commitment to continuous learning and adaptability in an evolving cybersecurity landscape

What will your typical day look like?

• Design and implement security controls and policies for MDE in a hybrid and multi-cloud environment
• Provide security guidance through baseline configurations and controls based on security frameworks and best practices for:
• Privileged Identity Management
• Privileged Access Management solutions
• CyberArk, SailPoint, and Defender for Identity
• Workstation and server endpoint management
• Design and mature effective email security controls to identify improvements and defenses based on threat intelligence and operational data
• Work closely with stakeholders across the enterprise to understand the business use case and effectively drive security requirements
• Collaborate with IT, applications, GRC, and security operations teams to ensure that security controls are implemented effectively
• Function as a security SME for enterprise ecosystems
• Perform risk assessments, vulnerability assessments, and threat modeling to identify potential security risks and vulnerabilities
• Review security audits, assessments, and tests to evaluate the effectiveness of security controls
• Provide support and reporting for compliance with security frameworks such as NIST, ISO, and CIS
• Develop and implement enterprise security architectures and solutions that are aligned with business objectives and meet regulatory requirements
• Develop and maintain documentation on security policies, standards, and procedures
• Use configuration management tools to ensure proper configuration of systems and applications
• Stay up to date with the latest security technologies and industry trends
• Other duties as assigned

What about the physical demands of the job?

• Regularly remaining in a stationary position, often standing or sitting for prolonged periods
• Regularly communicating with others to exchange information
• Regularly required to attend meetings in person and virtually using video and audio computer equipment
• Regularly repeating motions that may include the wrists, hands, and/or fingers, such as typing
• Occasionally moving about to accomplish tasks or moving from one worksite to another
• Occasionally light work that includes moving objects up to twenty pounds

You may also be asked to perform other duties outside of your function or trade, for which adequate training will be provided if necessary.

Work Environment: (Usual office job)

• Hybrid work schedule (both on-site and remote)
• The employee will normally work in a temperature-controlled office environment, with frequent exposure to electronic office equipment. During visits to areas of operations, may be exposed to extreme cold or hot weather conditions. Is occasionally exposed to fumes or airborne particles, toxic or caustic chemicals, and loud noise

Who are we?

Wabtec Corporation is a leading global provider of equipment, systems, digital solutions, and value-added services for freight and transit rail as well as the mining, marine, and industrial markets. Drawing on nearly four centuries of collective experience across Wabtec, GE Transportation, and Faiveley Transport, the company has grown to become One Wabtec, with unmatched digital expertise, technological innovation, and world-class manufacturing and services, enabling the digital-rail-and-transit ecosystems.

Wabtec is focused on performance that drives progress and unlocks our customers’ potential by delivering innovative and lasting transportation solutions that move and improve the world. We are lifelong learners obsessed with making things better to drive exceptional results. Wabtec has approximately 27K employees in facilities throughout the world. Visit our website to learn more! http://www.WabtecCorp.com

Our Commitment to Embrace Diversity:

Wabtec is a global company that invests not just in our products, but also our people by embracing diversity and inclusion. We care about our relationships with our employees and take pride in celebrating the variety of experiences, expertise, and backgrounds that bring us together. At Wabtec, we aspire to create a place where we all belong and where diversity is welcomed and appreciated.

To fulfill that commitment, we rely on a culture of leadership, diversity, and inclusion. We aim to employ the world’s brightest minds to help us create a limitless source of ideas and opportunities. We have created a space where everyone is given the opportunity to contribute based on their individual experiences and perspectives and recognize that these differences and diverse perspectives make us better.

We believe in hiring talented people of varied backgrounds, experiences, and styles… People like you! Wabtec Corporation is committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or expression, or protected Veteran status. If you have a disability or special need that requires accommodation, please let us know.

About Us

Want to move the world? Want to innovate and bring that innovation to life?

At Wabtec, we are in the business of realizing potential – that of the transportation industry, and yours!

Drawing on nearly four centuries of collective success across the vibrant portfolios of Wabtec, GE Transportation and Faiveley Transport, we offer employees hands-on opportunities all over the world to shape the future of transportation – as well as their own. Wabtec is focused on performance that drives progress, leveraging our digital expertise, technological innovation, and world-class manufacturing and services to create transportation solutions that move and improve the world. Along with our industry-leading portfolio of products and solutions for the rail and transit industries, Wabtec is a leader in mining, marine, and industrial solutions.

Wabtec celebrates thinkers and doers. Our values included in the About Us page are rooted in innovation, collaboration, inclusiveness, and continuous improvement to solve our customers’ toughest challenges. Whether your talents lie in digital solution development, next-gen manufacturing, advanced service delivery, or the spectrum of business functions that support them, Wabtec literally has a world of opportunity for you across our global network.

Our employees are the architects of the future. Where will you be tomorrow?