Risk Analyst - Information Security

It’s not just about your career or job title… It’s about who you are and the impact you will make on the world. Because whether it’s for each other or our customers, we put People First. When our people come together, we Expand the Possible and continuously look for ways to improve what we create and how we do it. If you are constantly striving to grow, you’re in good company. We are revolutionizing the way the world moves for future generations, and we want someone who is ready to move with us.

Who will you be working with?

Our best-in-class Enterprise Information Security team combines knowledge of security services to areas within Information Technology and provide in-depth and highly technical information security consulting and services focused on the enterprise services IT provides to ensure confidentiality, integrity and availability of these systems.

How will you make a difference?

As a member of the IT Business Information Security Team, you will be responsible for staying abreast of developments within the field and contribute to directional strategy by considering all present risks internally and externally. You’ll work with partners to drive thoughtful remediation and enhancements to the organization’s risk posture. This role requires advanced understanding of challenges and common threats. This person will be responsible for developing, implementing, and operating a strategic, risk-based program for the Information Security Assurance team.

What do we want to know about you?

You must have :

• Bachelor’s degree in Business, Technology, Cyber Security, Technology Risk Management or related field or hands-on and strong experience
• 5+ years experience within IT operations, Security or Risk management
• Strong analytical and problem-solving skills; ability to decipher and prioritize asks accordingly
• Strong interpersonal skills.
• Knowledge of industry Risk management frameworks, common mitigation practices, and\ Organizational control management.
• Demonstrate professional skepticism to ensure evidence is sufficient when assessing the relevant information security controls.
• Demonstrate an understanding of business processes, internal risk management strategies, IT controls, and how they interact together.
• Demonstrate proficiency in process formulation and improvement.
• Knowledge of operational security capabilities including access control, network security, secure configuration and vulnerability management, intrusion detection, security monitoring and incident response.
• Experience with auditors, both internal and regulatory to drive positive audit results with strong remediation paths.
• Proven solid written and oral communication skills with the ability to effectively communicate status, risks, and remediations to executive management.
• ISO 27001 standard knowledge is highly desirable.
• Governance and Risk Certification a plus (CRISC, CISM, CISA, or CISSP)

What will your typical day look like?

The ideal candidate will have experience building, operating, and maturing effective programs to manage Information Security Risks and their remediations.

Physical Demands :

Work Environment :

The employee will normally work in a temperature-controlled office environment, with frequent exposure to electronic office equipment. During visits to areas of operations, may be exposed to extreme cold or hot weather conditions, fumes or airborne particles, toxic or caustic chemicals, and loud noise.

#LI-AZ1

Our job titles may span more than one career level. The salary range for this role is between

The actual salary offered to a candidate may be influenced by a variety of factors, such as : training, transferable skills, work experience, education, business needs, market demands and work location. The base pay range is subject to change and may be modified in the future. More information on offered benefits, which include health, welfare, and retirement, are available at mywabtecbenefits.com. Other benefit offerings for this role may include an annual bonus, if eligible.

Who are we?

Wabtec Corporation is a leading global provider of equipment, systems, digital solutions, and value-added services for freight and transit rail as well as the mining, marine, and industrial markets. Drawing on nearly four centuries of collective experience across Wabtec, GE Transportation, and Faiveley Transport, the company has grown to become One Wabtec, with unmatched digital expertise, technological innovation, and world-class manufacturing and services, enabling the digital-rail-and-transit ecosystems.

Wabtec is focused on performance that drives progress and unlocks our customers’ potential by delivering innovative and lasting transportation solutions that move and improve the world. We are lifelong learners obsessed with making things better to drive exceptional results. Wabtec has approximately 27K employees in facilities throughout the world. Visit our website to learn more!

Our Commitment to Embrace Diversity :

Wabtec is a global company that invests not just in our products, but also our people by embracing diversity and inclusion. We care about our relationships with our employees and take pride in celebrating the variety of experiences, expertise, and backgrounds that bring us together. At Wabtec, we aspire to create a place where we all belong and where diversity is welcomed and appreciated.

To fulfill that commitment, we rely on a culture of leadership, diversity, and inclusion. We aim to employ the world’s brightest minds to help us create a limitless source of ideas and opportunities. We have created a space where everyone is given the opportunity to contribute based on their individual experiences and perspectives and recognize that these differences and diverse perspectives make us better.

We believe in hiring talented people of varied backgrounds, experiences, and styles… People like you! Wabtec Corporation is committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or expression, or protected Veteran status. If you have a disability or special need that requires accommodation, please let us know.