Enterprise Security Architect

Wabtec Corporation is a leading global provider of equipment, systems, digital solutions and value-added services for freight and transit rail. Drawing on nearly four centuries of collective experience across Wabtec, GE Transportation and Faiveley Transport, the company has unmatched digital expertise, technological innovation, and world-class manufacturing and services, enabling the digital-rail-and-transit ecosystems. Wabtec is focused on performance that drives progress, creating transportation solutions that move and improve the world. Wabtec has approximately 27,000 employees in facilities throughout the world. Visit the company’s new website at: http://www.WabtecCorp.com.

It’s not just about your career… or your job title…it’s about who you are and the impact you are going to make on the world. Do you want to go into uncharted waters…do things that haven’t been done to make yours and someone else's life better? Wabtec has been doing that for decades and we will continue to do so! Through our people, leadership development, services, technology and scale, Wabtec delivers better outcomes for global customers by speaking the language of industry.

Summary:

As an Enterprise Security Architect, you will be responsible for designing security requirements and controls for Wabtec IT on Enterprise projects and systems. As well as ensuring the security and integrity of Wabtec enterprise environments, you will provide technical security leadership to cross-functional teams for the creation and delivery of secure information technology solutions and shared services.  You will analyze existing application services and infrastructure designs to suggest remediations where necessary to reduce information security risk. You may also function as a security expert for new projects working closely with teams across the company to ensure that appropriate security requirements and controls are designed for implementation.

This role requires a combination of strong technical and communication skills and will report to the Manager, Security Architecture.

Duties and Responsibilities:

• Design of enterprise-wide security controls and policies to protect against cyber threats in a hybrid and multi-cloud environment.
• Provide security leadership, review, consultation and deliver hardened baselines for all IT tools, solutions, projects, software etc.  This includes but is not limited to delivering controls and configurations for the following:
  • Cyber Defense Tools
  • Workstation and server endpoint management
  • Microsoft Office and M365
  • Privileged Identity Management and identity governance
  • Browser security
  • Data Loss Prevention solutions
• Provide security leadership through baseline configurations and controls based on security frameworks and best practices
• Provide secure configurations for security tools and software, including endpoint management, browser security and email protection.
• Collaborate with other IT teams to ensure that security controls are implemented effectively on all Wabtec IT projects.
• Provide secure configurations for identity management tools and software
• Function as a security SME for enterprise ecosystems
• Evaluate risk assessments, vulnerability assessments, and threat modeling to identify potential security risks and vulnerabilities
• Review security audits, assessments, and tests to evaluate the effectiveness of security controls
• Provide support and reporting for compliance to security frameworks such as NIST, ISO, and CIS
• Developing and implementing enterprise security architectures and solutions that are aligned with business objectives and meet regulatory requirements
• Develop and maintain documentation on security policies, standards, and procedures
• Work closely with stakeholders across the enterprise to understand the business use case and effectively drive security requirements
• Assess configuration management tools to ensure proper configuration of systems and applications
• Staying up to date with the latest security technologies and industry trends
• Other duties as assigned

Minimum Qualifications_:_ (To perform this job successfully, an individual must be able to perform each essential duty satisfactorily.)

• Bachelor's degree in Computer Science, Information Technology, or a related field
• At least 7 years of experience in information and cyber security

Knowledge, Skills and Abilities:

• Experience with creating and managing hardened secure baseline configurations
• Experience with hands on implementation and analysis of security configuration policies in an enterprise IT context
• Strong background in Microsoft environments
• Strong background with Microsoft Office and M365
• Strong background with Microsoft Active Directory
• Experience with Microsoft Intune
• Experience with security frameworks such as NIST, ISO, and CIS and decomposing them to granular security requirements and configurations
• Familiarity with CyberArk, Sailpoint
• Familiarity with browser security management
• Familiarity with Jamf is a plus
• Familiarity with Tanium
• Familiarity with Proofpoint is a plus
• Familiarity with Python, PowerShell or related utility languages
• Understanding of network security, application security, and cloud security
• Hands-on experience with popular endpoint configuration management tools
• CISSP, Microsoft or CompTIA security certification
• Ability to work unsupervised in a fast-paced environment 
• Strong analytical and problem-solving skills
• Excellent communication and interpersonal skills
• Strategic and creative thinking to analyze issues that may arise, and create solutions
• Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most recommendation to leadership
• An ability to communicate complex and technical issues to diverse audiences, orally and in writing, in an easily understood, authoritative, and actionable manner
• Proven ability to remain task driven and keep leadership updated on project status
• Ability to respond positively to feedback, and implement change in process and procedures as needed

Physical Demands: (The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.)

• Employee is regularly required to talk and hear
• Employee is regularly required to utilize a computer monitor
• Employee is required to sit or stand at a computer desk for many hours at a time
• Requires daily face-to-face or video interaction with other team members
• Occasional local or international travel may be required

Work Environment: (The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job.)

• The employee will normally work in a temperature-controlled office environment

Wabtec Corporation is committed to taking on the world’s toughest challenges. In order to fulfill that commitment we rely on a culture of leadership, diversity and inclusiveness. We aim to employ the world’s brightest minds to help us create a limitless source of ideas and opportunities. We believe in hiring talented people of varied backgrounds, experiences and styles…people like you! Wabtec Corporation is committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or expression, or protected Veteran status. If you have a disability or special need that requires accommodation, please let us know.