Senior Cybersecurity Engineer
Contagem, Brazil
Applications have closed
Wabtec
At the leading edge of driving innovative technologies and responsible operations across the world. Drawing on over 150 years of experience, we are leading the way in safety, efficiency, reliability, innovation, and productivity.Wabtec Corporation is a leading global provider of equipment, systems, digital solutions and value-added services for freight and transit rail. Drawing on nearly four centuries of collective experience across Wabtec, GE Transportation and Faiveley Transport, the company has unmatched digital expertise, technological innovation, and world-class manufacturing and services, enabling the digital-rail-and-transit ecosystems. Wabtec is focused on performance that drives progress, creating transportation solutions that move and improve the world. Wabtec has approximately 27,000 employees in facilities throughout the world. Visit the company’s new website at: http://www.WabtecCorp.com.
It’s not just about your career… or your job title…it’s about who you are and the impact you are going to make on the world. Do you want to go into uncharted waters…do things that haven’t been done to make yours and someone else's life better? Wabtec has been doing that for decades and we will continue to do so! Through our people, leadership development, services, technology and scale, Wabtec delivers better outcomes for global customers by speaking the language of industry.
Who will you be working with?
You will advise product managers and engineering teams, create awareness of cybersecurity standards and technical controls, and recommend best practices for satisfying these standards and controls for web systems designed for cloud, on-premises, and mobile environments. You will work closely with others to define and maintain technical controls to address external standards, Wabtec standards, and product requirements.
How will you make a difference?
You will be responsible for ongoing cybersecurity assessments of Wabtec products to determine whether they comply with applicable Wabtec cybersecurity standards and technical controls.
What do we want to know about you?
Bachelor's degree in Computer Science, Cybersecurity, or a related field.
Experience with design, development, and/or testing of web systems.
Extensive hands-on experience in the following areas:
Container management
Cloud environment (AWS Lambda, Kubernetes, Kafka, …)
Foundation competencies/knowledge in below areas:
Threat model
Open Worldwide Application Security Project (OWASP)
Certificate management & PKI
Cryptography
Web Application penetration testing
Server hardening
Secure Data management (at rest / in transit)
Access control management
Firewall configuration
GDPR, PII
Experience working with large enterprise web applications (e.g., bank, insurance).
Experience with cybersecurity assessment tools and methods.
What will your typical day look like?
Conduct ongoing cybersecurity reviews of Wabtec products and determine whether Cybersecurity Authorization to Operate (CATO) should be granted based on compliance with Wabtec policies, standards, and technical controls.
Drive and support an authoritative technical consultation process on product cybersecurity across Wabtec’s embedded electronics and non-IT networked product portfolio including connected vehicle security, secure implementation of real-time operating systems, ongoing security support for heavy industrial systems and web services.
Drive and support processes to ensure Wabtec products implement appropriate cybersecurity controls, features, and requirements per applicable customer requirements, recognized industry standards, and engineering best practices.
Support engineering teams responsible for conducting threat and risk assessments to quantify product threat surfaces and attack vectors.
Recommend and consult on the design of software controls, environment/server hardening measures, and other risk mitigations to minimize attack surface and support cost-effective field maintainability of security controls.
Support engineering teams responsible for conducting root cause and corrective actions related to cybersecurity defects.
Create, seek, and share best practices for product cybersecurity across the Wabtec product portfolio.
Deliver effective project management and technical communications.
Understand technical cybersecurity concepts and their business implications. Be able to clearly explain these concepts to management and other engineers.
#LI-TO1
Wabtec Corporation is committed to taking on the world’s toughest challenges. In order to fulfill that commitment we rely on a culture of leadership, diversity and inclusiveness. We aim to employ the world’s brightest minds to help us create a limitless source of ideas and opportunities. We believe in hiring talented people of varied backgrounds, experiences and styles…people like you! Wabtec Corporation is committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or expression, or protected Veteran status. If you have a disability or special need that requires accommodation, please let us know.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Application security AWS Certificate management Cloud Compliance Computer Science Cryptography Firewalls GDPR Industrial Kafka Kubernetes Lambda OWASP Pentesting PKI Risk assessment
Perks/benefits: Career development Insurance
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Principal Security Engineer jobs
- Open Product Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Chief Information Security Officer jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Cybersecurity Specialist jobs
- Open Security Researcher jobs
- Open IT Security Engineer jobs
- Open Security Operations Analyst jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open DevOps-related jobs
- Open IDS-related jobs
- Open Security Clearance-related jobs
- Open Forensics-related jobs
- Open EDR-related jobs
- Open CEH-related jobs
- Open Kubernetes-related jobs