It’s not just about your career or job title… It’s about who you are and the impact you will make on the world. Because whether it’s for each other or our customers, we put People First. When our people come together, we Expand the Possible and continuously look for ways to improve what we create and how we do it. If you are constantly striving to grow, you’re in good company. We are revolutionizing the way the world moves for future generations, and we want someone who is ready to move with us.
Who will you be working with?
The Enterprise Security Engineer role is part of Wabtec’s best-in-class Security Architecture team. You will have the opportunity to function as a security expert for new projects, working closely with teams across the global enterprise to ensure appropriate security requirements and controls are properly designed/implemented.
How will you make a difference?
As an Enterprise Security Engineer, you will be responsible for designing and implementing security requirements and controls for Wabtec IT on Enterprise projects and systems. As well as ensuring the security and integrity of Wabtec enterprise environments, you will provide technical security guidance to cross-functional teams for the creation and delivery of secure information technology solutions and shared services. You will analyze existing application services and infrastructure designs to suggest remediations where necessary to reduce information security risk.
What do we want to know about you?
You must have:
· Bachelor’s degree in computer science or information technology and at least 2 years of cyber security experience or High School Diploma and full time experience in cyber security.
· Experience with email security best practices and exchange online controls
· Experience with Python, PowerShell, or related scripting/coding languages to automate enterprise security workflows.
· Experience with creating and managing hardened secure baseline configurations
· Experience with hands on implementation and analysis of security configuration policies in an enterprise IT context
· Strong background in Microsoft environments
· Strong background with Microsoft Office and M365
· Strong background with Microsoft Active Directory
· Experience with Microsoft Defender products and operations
· Experience with Microsoft Intune
· Experience with security frameworks such as NIST, ISO, and CIS and decomposing them to granular security requirements and configurations
· Strong analytical and problem-solving skills
· Excellent communication and interpersonal skills
· Ability to work unsupervised
· Strategic and creative thinking to analyze issues that may arise, and create solutions
· Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most recommendation to leadership
· An ability to communicate complex and technical issues to diverse audiences, orally and in writing, in an easily understood, authoritative, and actionable manner
· Proven ability to remain task driven and keep leadership updated on project status
· Ability to respond positively to feedback, and implement change in process and procedures as needed
· Familiarity with Tanium and MDO
· Understanding of network security, application security, and cloud security
· CISSP, Microsoft or CompTIA security certification
· Ability to work in a fast-paced environment
What will your typical day look like?
· Design and implement enterprise-wide security controls and policies to protect against cyber threats in a hybrid and multi-cloud environment.
· Provide security guidance through baseline configurations and controls based on security frameworks and best practices for enterprise core security services including:
o Email Security
o Workstation and server endpoint management
o Microsoft Office and M365
o Privileged Identity Management and identity governance
o Browser security
o Data Loss Prevention solutions
· Work closely with stakeholders across the enterprise to understand the business use case and effectively drive security requirements
· Collaborate with IT, application, GRC and security operations teams to ensure that security controls are implemented effectively.
· Function as a security SME for enterprise ecosystems
· Evaluate risk assessments, vulnerability assessments, and threat modeling to identify potential security risks and vulnerabilities
· Review security audits, assessments, and tests to evaluate the effectiveness of security controls
· Provide support and reporting for compliance to security frameworks such as NIST, ISO, and CIS
· Developing and implementing enterprise security architectures and solutions that are aligned with business objectives and meet regulatory requirements
· Develop and maintain documentation on security policies, standards, and procedures
· Use configuration management tools to ensure proper configuration of systems and applications
· Stay up to date with the latest security technologies and industry trends
· Other duties as assigned
Who are we?
Wabtec Corporation is a leading global provider of equipment, systems, digital solutions, and value-added services for freight and transit rail as well as the mining, marine, and industrial markets. Drawing on nearly four centuries of collective experience across Wabtec, GE Transportation, and Faiveley Transport, the company has grown to become One Wabtec, with unmatched digital expertise, technological innovation, and world-class manufacturing and services, enabling the digital-rail-and-transit ecosystems.
Wabtec is focused on performance that drives progress and unlocks our customers’ potential by delivering innovative and lasting transportation solutions that move and improve the world. We are lifelong learners obsessed with making things better to drive exceptional results. Wabtec has approximately 27K employees in facilities throughout the world. Visit our website to learn more! http://www.WabtecCorp.com
Our Commitment to Embrace Diversity:
Wabtec is a global company that invests not just in our products, but also our people by embracing diversity and inclusion. We care about our relationships with our employees and take pride in celebrating the variety of experiences, expertise, and backgrounds that bring us together. At Wabtec, we aspire to create a place where we all belong and where diversity is welcomed and appreciated.
To fulfill that commitment, we rely on a culture of leadership, diversity, and inclusion. We aim to employ the world’s brightest minds to help us create a limitless source of ideas and opportunities. We have created a space where everyone is given the opportunity to contribute based on their individual experiences and perspectives and recognize that these differences and diverse perspectives make us better.
We believe in hiring talented people of varied backgrounds, experiences, and styles… People like you! Wabtec Corporation is committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or expression, or protected Veteran status. If you have a disability or special need that requires accommodation, please let us know.