Job Description

It's not just about your career or job title... It's about who you are and the impact you will make on the world. Because whether it's for each other or our customers, we put People First. When our people come together, we Expand the Possible and continuously look for ways to improve what we create and how we do it. If you are constantly striving to grow, you're in good company. We are revolutionizing the way the world moves for future generations, and we want someone who is ready to move with us.

Who are we?

Wabtec Corporation is a leading global provider of equipment, systems, digital solutions, and value-added services for freight and transit rail as well as the mining, marine, and industrial markets. Drawing on nearly four centuries of collective experience across Wabtec, GE Transportation, and Faiveley Transport, the company has grown to become One Wabtec, with unmatched digital expertise, technological innovation, and world-class manufacturing and services, enabling the digital-rail-and-transit ecosystems.



Wabtec is focused on performance that drives progress and unlocks our customers' potential by delivering innovative and lasting transportation solutions that move and improve the world. We are lifelong learners obsessed with making things better to drive exceptional results. Wabtec has approximately 27K employees in facilities throughout the world. Visit our website to learn more!

Job Overview

We are seeking a skilled and proactive

Product Cybersecurity Engineer

to join our team. This role will support in secure software development practices and will collaborate closely with product engineering teams to embed and automate security testing within CI/CD pipelines. The ideal candidate will drive the maturity of our secure development lifecycle and enhance the overall security posture of our products.

ESSENTIAL DUTIES AND RESPONSIBILITIES:

Security Integration & Automation

Implement and integrate security scanning tools (SAST, DAST, etc.) into CI/CD pipelines. Ensure security policies are consistently applied throughout the product development lifecycle.

Developer Enablement & Collaboration

Partner with development teams to promote adoption of security tools and frameworks. Provide hands-on support and guidance to Product Engineering team on security scanning tools and secure coding practices.

Scan Quality & Risk Management

Continuously improve the accuracy and relevance of security scans. Support Product engineering teams to assess scan results, triage findings, and provide risk-based remediation guidance.

Knowledge Sharing & Documentation

Develop and maintain SOPs, best practices, and contribute to the internal security knowledge base. Conduct training and awareness sessions for development teams.

Metrics & Reporting

Enhance Product Cybersecurity Testing Services KPIs/KRIs. Deliver actionable insights through regular reporting and dashboards.

Service Delivery & Road mapping

Deliver security services aligned with ITIL processes. Envision and evolve the roadmap for product security testing services to support emerging technologies.

Required Qualifications:

1-3 years of progressive experience in application and information security. Hands-on experience with SAST, DAST, SCA tools such as Coverity, Checkmarx, Fortify, OWASP ZAP, Invicti, Black Duck, SemGrep, Synk Strong understanding of DevSecOps practices and CI/CD tools (Git, Jenkins, Jira, Maven, Gradle, TeamCity, Artifactory). Proficiency in secure code review and dynamic application security testing. Solid grasp of application security threats and vulnerabilities across web, mobile, and embedded platforms. Familiarity with security frameworks (OWASP, NIST, MITRE, SANS CWE) and standards (ISO 27001, IEC 62443, Privacy). Experience with open-source license governance and container/cloud security. Exposure to firmware and embedded system security testing. Scripting skills (e.g., Python, Shell) and programming knowledge (e.g., C/C++, Java, Golang, C#). Working knowledge of PowerBI and service operations is a plus. Self-starter with the ability to work independently and in dynamic environments. Strong analytical, problem-solving, and innovative thinking. Excellent communication and collaboration skills. High integrity and ability to handle confidential information. DevSecOps Certifications (CDP/CDE/GSCA) , CSSLP, CISSP, SANS certifications (at least one strongly preferred)

Our Commitment to Embrace Diversity:

Wabtec is a global company that invests not just in our products, but also our people by embracing diversity and inclusion. We care about our relationships with our employees and take pride in celebrating the variety of experiences, expertise, and backgrounds that bring us together. At Wabtec, we aspire to create a place where we all belong and where diversity is welcomed and appreciated.



To fulfill that commitment, we rely on a culture of leadership, diversity, and inclusion. We aim to employ the world's brightest minds to help us create a limitless source of ideas and opportunities. We have created a space where everyone is given the opportunity to contribute based on their individual experiences and perspectives and recognize that these differences and diverse perspectives make us better.



We believe in hiring talented people of varied backgrounds, experiences, and styles... People like you! Wabtec Corporation is committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or expression, or protected Veteran status. If you have a disability or special need that requires accommodation, please let us know.

Additional Information

What could you accomplish in a place that puts People First?

At Wabtec, it's not just about a job - it's about the impact you make. When our people come together, we're Expanding the Possible by continuously improving what we do and how we do it - for our clients and each other.


If you're ready to revolutionize how the world moves for future generations, Wabtec is the place for you.

Who are we?

Wabtec is a leading global provider of equipment, systems, digital solutions, and value-added services for the freight and transit rail sectors. Drawing on more than 150 years of experience, we are leading the way in safety, efficiency, reliability, innovation, and productivity. Whether it's freight, transit, ports, logistics, mining, industrial, or marine, our expertise, technologies, and people together - are accelerating the future of transportation. With roots that date back to George Westinghouse, Thomas Edison, and Louis Faiveley, Wabtec has always built technologies and implemented solutions for a variety of sectors that are critical to meeting the needs of customers and governments alike.


Our global team of about 30,000 employees worldwide delivers performance that moves the world forward. We're lifelong learners, obsessed with better. Learn more at www.WabtecCorp.com.

Culture powers us and the possibilities.

We believe the best ideas come from a mix of experiences and backgrounds. At Wabtec, we strive every day to create a place where everyone belongs. We're building a culture where leadership, inclusion and your unique perspective fuel progress.



We're proud to be an Equal Opportunity Employer. We welcome talent of all backgrounds, experiences, and identities, including race, gender, age, disability, veteran status and more.


Need accommodation? Just let us know - we've got you.