Cybersecurity Risk Controls Analyst
Listed on 2025-12-28
IT/Tech
Cybersecurity, Information Security, IT Consultant, Data Security
Job Description
Who will you be working with?
Join Enterprise Information Security (EIS) to drive cybersecurity excellence leveraging intelligence, strategic partnerships, and analysis. Collaborate daily with GRC, Architecture, Operations, and key Information Technology stakeholders to advance our information security capabilities.
How will you make a difference?
As a member of the ISA team, Wabtec is looking for a Senior Cybersecurity Risk & Controls Analyst. This role reports to the ISA Sr Manager within EIS, and will be responsible for building, developing, implementing, and operating a strategic Risk & Controls Management program to protect Wabtec and its stakeholders while supporting our strategic objectives.
In this position, you will assume a leading role in driving the organization’s information security risk management efforts through the identification, assessment, and remediation of security risks, ensuring the protection of critical assets, the implementation of adequate security controls and compliance with legal, statutory, regulatory and contractual requirements. Additionally, you will play a pivotal role in fostering a risk‑aware culture across the organization, promoting awareness of security risks and empowering employees to actively contribute to the organization’s risk posture.
You will collaborate cross‑functionally with IT and with Business stakeholders to develop and implement robust security strategies and practices, guiding the organization towards a mature and resilient security posture.
You must have:
- Bachelor’s degree in Business, Technology, Cyber Security, Technology Risk Management or related field or strong hands‑on experience.
- 3+ years' experience in Security & Risk management.
- Prior experience in IT or Cybersecurity, supporting systems or developing/supporting applications.
- Knowledge of technical controls and the ability to describe them to business/system owners.
- Knowledge of industry Risk management frameworks, common mitigation practices, and Organizational control management.
- Demonstrate professional skepticism to ensure evidence is sufficient when assessing the relevant information security controls.
- Demonstrate an understanding of business processes, internal risk management strategies, IT controls, and how they interact together.
- Demonstrate proficiency in process formulation and improvement.
- Knowledge of operational security capabilities including access control, network security, secure configuration and vulnerability management, intrusion detection, security monitoring and incident response.
- Proven solid written and oral communication skills with the ability to effectively communicate status, risks, and remediations to executive management.
- ISO 27001 and NIST CSF knowledge is highly desirable.
- Governance and Risk Certification a plus (CRISC, CISM, CISA, or CISSP)
- Design and implement a comprehensive risk management framework tailored to the organization's needs.
- Establish risk assessment methodologies, including threat modeling and vulnerability scoring systems.
- Develop policies, procedures, and guidelines for risk identification, analysis, and mitigation.
- Create risk reporting structures and dashboards for effective communication to stakeholders.
- Conduct initial organization‑wide risk assessments to establish a baseline risk profile.
- Lead risk assessments to identify and prioritize security threats across systems.
- Prioritize and categorize identified risks based on potential impact and likelihood.
- Analyze the effectiveness of existing controls and recommend improvements.
- Collaborate with stakeholders to formulate risk treatment plans and mitigation strategies aligned with business objectives.
- Implement and oversee the execution of risk remediation initiatives.
- Develop and maintain a comprehensive inventory of security controls and associated policies across the organization.
- Perform gap analysis between existing controls/policies and…