Cybersecurity Engineer

Who will you be working with?

Join Enterprise Information Security (EIS) to drive cybersecurity excellence leveraging intelligence, strategic partnerships, and analysis. Collaborate daily with GRC, Architecture, Operations, and key Information Technology stakeholders to advance our information security capabilities.

How will you make a difference?

Join Enterprise Information Security, where Wabtec is looking for an individual to become a pivotal force in designing and implementing cutting-edge security requirements and controls for our IT projects and systems. As a Cybersecurity Engineer, you'll report directly to the Senior Manager of Security Operations, ensuring the security and integrity of Wabtec enterprise environments. Your role will involve providing technical security guidance to cross-functional teams, enabling the creation and delivery of secure IT solutions and shared services. Use your expertise to analyze existing application services and infrastructure designs, suggesting remediations to reduce enterprise risk. You'll also serve as a security expert for new projects, collaborating closely with teams across the company to ensure robust security controls are implemented and maintained. Join us and lead the charge in cybersecurity excellence

What do we want to know about you?

You must have:

• Bachelor's degree in computer science or information technology or at least 5 years of full-time experience in cybersecurity
• Experience with email security best practices and exchange online controls
• Experience with Python, PowerShell, or related scripting/coding languages to automate enterprise security workflows
• Experience with creating and managing hardened secure baseline configurations
• Experience with hands on implementation and analysis of security configuration policies in an enterprise IT context
• Strong background in Microsoft environments
• Strong background with Microsoft Office and M365
• Strong background with Microsoft Active Directory
• Experience with Microsoft Defender products and operations
• Experience with Microsoft Intune
• Experience with security frameworks such as NIST, ISO, and CIS and decomposing them to granular security requirements and configurations
• Strong analytical and problem-solving skills
• Excellent communication and interpersonal skills
• Must be willing to work weekends/off-shift hours, as needed during incidents

We would love it if you had:

• Ability to work unsupervised
• Strategic and creative thinking to analyze issues that may arise, and create solutions
• Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most recommendation to leadership
• An ability to communicate complex and technical issues to diverse audiences, orally and in writing, in an easily understood, authoritative, and actionable manner
• Proven ability to remain task driven and keep leadership updated on project status
• Ability to respond positively to feedback, and implement changes in process and procedures as needed
• Familiarity with Tanium and Microsoft Defender for O365
• Understanding of network security, application security, and cloud security
• CISSP, Microsoft or CompTIA security certification
• Ability to work in a fast-paced environment

What will your typical day look like?

• Design and implement enterprise-wide security controls and policies to protect against cyber threats in a hybrid and multi-cloud environment
• Provide operational support to business consumers of security controls and services. Tune security stacks based on business requirements
• Provide security guidance through baseline configurations and controls based on security frameworks and best practices for enterprise core security services including:
• Workstation and server endpoint management
• Microsoft Office and M365
• Privileged Identity Management and identity governance
• Browser security
• Data Loss Prevention solutions
• Develop and report operational health metrics for security services
• Collaborate with IT, application, GRC and security operations teams to ensure that security controls are implemented effectively
• Function as a security SME for enterprise ecosystems
• Develop and maintain documentation on security policies, standards, and procedures
• Use configuration management tools to ensure proper configuration of systems and applications
• Stay up to date with the latest security technologies and industry trends
• Other duties as assigned

What about the physical demands of the job? (Usual office job examples)

• Regularly remaining in a stationary position, often standing or sitting for prolonged periods
• Regularly communicating with others to exchange information
• Regularly required to attend meetings in person and virtually using video and audio computer equipment
• Regularly repeating motions that may include the wrists, hands and/or fingers, such as typing
• Occasionally moving about to accomplish tasks or moving from one worksite to another
• Occasionally light work that includes moving objects up to 20 pounds

You may also be asked to perform other duties outside of your function or trade, for which adequate training will be provided if necessary.

Work Environment: (Usual office job)

• Hybrid work schedule (both on-site and remote)
• The employee will normally work in a temperature-controlled office environment, with frequent exposure to electronic office equipment. During visits to areas of operations, may be exposed to extreme cold or hot weather conditions. Is occasionally exposed to fumes or airborne particles, toxic or caustic chemicals, and loud noise