It's not just about your career or job titleIt's about who you are and the impact you will make on the world. Because whether it's for each other or our customers, we put People First. When our people come together, we Expand the Possible and continuously look for ways to improve what we create and how we do it. If you are constantly striving to grow, you're in good company. We are revolutionizing the way the world moves for future generations, and we want someone who is ready to move with us.
Who will you be working with?
The Enterprise Security Engineer role is part of Wabtec's best-in-class Security Architecture team. You will have the opportunity to function as a security expert for new projects, working closely with teams across the global enterprise to ensure appropriate security requirements and controls are properly designed/implemented.
How will you make a difference?
What do we want to know about you?
- You must have:_
- Bachelor's degree in computer science or information technology and at least 2 years of cyber security experience or High School Diploma and full time experience in cyber security.
- Experience with Python, PowerShell, or related scripting/coding languages to automate enterprise security workflows.
- Experience with creating and managing hardened secure baseline configurations
- Experience with hands on implementation and analysis of security configuration policies in an enterprise IT context
- Strong background in Microsoft environments
- Strong background with Microsoft Office and M365
- Strong background with Microsoft Active Directory
- Experience with Microsoft Defender products and operations
- Experience with Microsoft Intune
- Experience with security frameworks such as NIST, ISO, and CIS and decomposing them to granular security requirements and configurations
- Strong analytical and problem-solving skills
- Excellent communication and interpersonal skills
- Ability to work unsupervised
- Strategic and creative thinking to analyze issues that may arise, and create solutions
- Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most recommendation to leadership
- An ability to communicate complex and technical issues to diverse audiences, orally and in writing, in an easily understood, authoritative, and actionable manner
- Proven ability to remain task driven and keep leadership updated on project status
- Ability to respond positively to feedback, and implement change in process and procedures as needed
- Familiarity with Tanium and MDO
- CISSP, Microsoft or CompTIA security certification
- Ability to work in a fast-paced environment
What will your typical day look like?
- Design and implement enterprise-wide security controls and policies to protect against cyber threats in a hybrid and multi-cloud environment.
- Provide security guidance through baseline configurations and controls based on security frameworks and best practices for enterprise core security services including:
o Workstation and server endpoint management
o Microsoft Office and M365
o Privileged Identity Management and identity governance
o Browser security
o Data Loss Prevention solutions
- Work closely with stakeholders across the enterprise to understand the business use case and effectively drive security requirements
- Function as a security SME for enterprise ecosystems
- Evaluate risk assessments, vulnerability assessments, and threat modeling to identify potential security risks and vulnerabilities
- Review security audits, assessments, and tests to evaluate the effectiveness of security controls
- Provide support and reporting for compliance to security frameworks such as NIST, ISO, and CIS
- Developing and implementing enterprise security architectures and solutions that are aligned with business objectives and meet regulatory requirements
- Develop and maintain documentation on security policies, standards, and procedures
- Stay up to date with the latest security technologies and industry trends
- Other duties as assigned
Who are we?
- Wabtec Corporation is a leading global provider of equipment, systems, digital solutions, and value-added services for freight and transit rail as well as the mining, marine, and industrial markets. Drawing on nearly four centuries of collective experience across Wabtec, GE Transportation, and Faiveley Transport, the company has grown to become One Wabtec, with unmatched digital expertise, technological innovation, and world-class manufacturing and services, enabling the digital-rail-and-transit ecosystems.
- Wabtec is focused on performance that drives progress and unlocks our customers' potential by delivering innovative and lasting transportation solutions that move and improve the world. We are lifelong learners obsessed with making things better to drive exceptional results. Wabtec has approximately 27K employees in facilities throughout the worl