Join Enterprise Information Security and contribute to the protection of IT systems and services. As a Staff Cybersecurity Engineer, reporting to the Senior Manager of Security Operations, you will be responsible for designing and implementing security requirements and controls for enterprise protection services, including endpoint detection & response (EDR), email security, and data loss prevention (DLP) technologies. Your role will involve ensuring the security and integrity of Wabtec's enterprise environments, offering technical security guidance to cross-functional teams, and evaluating existing application services and infrastructure designs to recommend remediations that mitigate information security risks. This position offers an opportunity to support cybersecurity excellence within the organization.
  
What do we want to know about you?
You must have:
-  Bachelor's degree in computer science, Information Technology, or a related field, or a minimum of 8 years of full-time experience in cybersecurity
-  Expertise with deploying, configuring and maintaining Endpoint Detection & Response 
-  Extensive expertise in Microsoft 365 (M365) security and governance practices 
-  Knowledge of email security best practices and Exchange Online controls 
-  Experience with Unified Endpoint Management 
-  Experience with creating and managing hardened secure baselines 
-  Experience managing workstreams and transparency with IT Service Management 
-  Experience with Python, PowerShell, or related scripting/coding languages to automate enterprise security workflows 
-  Experience with security frameworks such as NIST, ISO, and CIS and decomposing them to granular security requirements and configurations 
-  Experience with hands-on implementation and analysis of security configuration policies in an enterprise IT context 
-  Excellent analytical and problem-solving skills with the ability to work 
-  Excellent communication and interpersonal skills 
-  Must be willing to work weekends/off-shift hours, as needed during incidents 
We would love it if you had:
-  Bachelor's degree in computer science, Information Technology, or a related field
-  Ability to work unsupervised 
-  Strategic and creative thinking to analyze issues that may arise and create solutions 
-  Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most recommendation to leadership 
-  An ability to communicate complex and technical issues to diverse audiences, orally and in writing, in an easily understood, authoritative, and actionable manner 
-  Proven ability to remain task-driven and keep leadership updated on project status 
-  Ability to respond positively to feedback and implement changes in process and procedures as needed 
-  Understanding of network security, application security, and cloud security 
-  CISSP, Microsoft, or CompTIA security certification is preferred 
-  Ability to work in a fast-paced environment with effective project management skills and ability to work on a Global team
-  Excellent communication skills with the ability to manage joint response and remediation efforts and constructively influence peers and leadership 
-  Commitment to continuous learning and adaptability in an evolving cybersecurity landscape
What will your typical day look like?
-  Design and implement security controls and policies for MDE in a hybrid and multi-cloud environment
-  Provide security guidance through baseline configurations and controls based on security frameworks and best practices for:
   -  Privileged Identity Management
   -  Privileged Access Management solutions
   -  CyberArk, SailPoint, and Defender for Identity
   -  Workstation and server endpoint management
-  Design and mature effective email security controls to identify improvements and defenses based on threat intelligence and operational data 
-  Work closely with stakeholders across the enterprise to understand the business use case and effectively drive security requirements 
-  Collaborate with IT, applications, GRC, and security operations teams to ensure that security controls are implemented effectively 
-  Function as a security SME for enterprise ecosystems 
-  Perform risk assessments, vulnerability assessments, and threat modeling to identify potential security risks and vulnerabilities 
-  Review security audits, assessments, and tests to evaluate the effectiveness of security controls 
-  Provide support and reporting for compliance with security frameworks such as NIST, ISO, and CIS 
-  Develop and implement enterprise security architectures and solutions that are aligned with business objectives and meet regulatory requirements 
-  Develop and maintain documentation on security policies, standards, and procedures 
-  Use configuration management tools to ensure proper configuration of systems and applications 
-  Stay up to date with the latest security technologies and industry trends 
-  Other duties as assigned 
What about the physical demands of the job?
-  Regularly remaining in a stationary position, often standing or sitting for prolonged periods
-  Regularly communicating with others to exchange information
-  Regularly required to attend meetings in person and virtually using video and audio computer equipment
-  Regularly repeating motions that may include the wrists, hands, and/or fingers, such as typing
-  Occasionally moving about to accomplish tasks or moving from one worksite to another
-  Occasionally light work that includes moving objects up to twenty pounds