Skip to main content
Administrative Support – Mast@2X

Administrative Support

Principal Application Security Engineer

Location East Peoria, Illinois, United States of America / Nashville, Tennessee, United States of America / Irving, Texas, United States of America
Date Posted
Contract Type Full time
Job Type Regular
Requisition ID R0000044884

Career Area:

Administrative Support

Job Description:

Your Work Shapes the World

Whether it be groundbreaking products, best in class solutions or creating a lifelong career, you can do the work that matters at Caterpillar. With a 95-year legacy of quality and innovation and 150 locations in countries around the world, your impact spans the globe.

At Caterpillar, a brand recognized the world over, your office could be closer than you ever realized. Caterpillar’s highly flexible work environment fosters a culture to inspire unconventional ideas to accomplish remarkable results. With life demands ever-changing, Caterpillar provides employees the autonomy to choose their work location based on their daily commitments and how/where they work most efficiently and effectively. It’s time to start building what matters most, your career!

When you join Caterpillar, you are joining a team of makers, innovators and doers. We are the people who roll up our sleeves and do the work to build a better world. We don’t just talk about progress and innovation. We make it happen. And we are proud of that because it helps our customers build and power the world we live in – the roads, hospitals, homes and infrastructure.  Without a dedicated workforce Caterpillar could not effectively meet our customer’s needs.  Join us.

Job Purpose:

This position will be responsible for working at the enterprise level to develop application security strategies and drive incremental security improvements into Caterpillar’s increasing application footprint.

Description:

This incumbent will be responsible for working within application development and support teams throughout the enterprise to facilitate the adoption and implementation of application security technologies and processes. This role will collaborate with numerous application teams to embed cybersecurity throughout the respective software development pipeline methodology and work with those teams during code testing, security assessments, and associated remediation activities.

This role joins a team of application security engineers that will be accountable for implementation of enterprise application security strategies across business segments.  The role will provide strong software development and application security controls expertise along with up-to-date understanding of application security industry trends are foundational skills required for this Principal Application Security Engineer position.

  • Provide Cybersecurity collaboration and advisory services to leaders throughout the Enterprise and business segment application teams on securely architecting application and web solutions.
  • Provide thought-leadership, decision-making, prioritization, consulting, and support to application development teams throughout the secure software development life cycle on a variety of security domains, including, but not limited to: requirements gathering, secure coding and configuration, software testing, third-party component management and defect management.
  • Consult with application development teams to embed security integrations into their existing pipeline, leveraging automation where possible.
  • Keep up with industry application security knowledge and trends by participating in various external seminars and conferences as well as achieve and maintain externally recognized application security certifications.
  • Provide subject matter expertise in the Identification of immediate & permanent corrective actions associated to securing applications with known vulnerabilities.
  • Provide foundational thought leadership in the scoping and execution of the Application Security Program acceleration activities.
  • Continue to drive the DevSecOps principals into Caterpillar application development team processes to deliver secure by design principals. 
  • Maintain a constant modern knowledge of application compromises of Fortune1000 corporations and drive the appropriate awareness and actions to ensure Caterpillar does not suffer the same fates.
  • Maintain expert knowledge on Cybersecurity policies and processes that most directly relate to application security, including, but not limited to: Enterprise Procedures, Information Security Directives, Secure Configuration Baselines, vulnerability management, risk treatment, and data classification & handling requirements.
  • Prioritization of work efforts and budget to ensure the application security resources are always working on the initiatives that deliver the highest value to the business.
  • Direct interaction with senior leadership on application security matters associated to risk, prioritization, and awareness.
  • Participate in application threat modeling and attack and penetration testing activities.
  • Conduct cybersecurity risk assessments of Caterpillar developed and purchased applications.
  • Provide consulting services to define, design, develop, implement, and maintain the overall security posture of applications and supporting infrastructure.
  • Develop standards, practices, and processes to establish, manage, and report adherence to application security requirements and best practices.
  • Lead and participate in enterprise-wide projects to identify, address, and improve process or technology gaps within the application security space.
  • Develop collaborative relationships and provide expertise, technical guidance, and training to application development and support teams.
  • Assist other Cybersecurity teams in the research and deployment of technical solutions to safeguard Caterpillar applications and data.

Basic Requirements:

  • Bachelor’s Degree in Computer Science or a related field with specialization in information security.
  • 10+ years’ experience in application development and/or application cybersecurity.
  • Understanding and experience with application security risks, principles and frameworks including OWASP, Secure SDLC, and DevSecOps
  • Experience with multiple application development methodologies (e.g. Waterfall, Agile).
  • Experience with enablement of Continuous Integration/Continuous Delivery (CI/CD) technologies.

Top Candidate Will Also Have:

  • Masters degree is preferred.  
  • Certification from an accredited security organization aligned to the position preferred.  
    • Examples include (ISC)2 CSSLP and GIAC GWAPT | GWEB

Additional Details:

  • Location: in Dallas, Texas; Nashville, Tennessee; East Peoria, Illinois.
  • Relocation is offered
  • Travel: up to 20%

Employee benefit details:

Our goal at Caterpillar is for you to have a rewarding career. Our teams are critical to the success of our customers who build a better world.

Here you earn more than just a salary, because we value your performance. We offer a total rewards package that provides day one benefits [medical, dental, vision, RX, and 401(k)] along with the potential of an annual bonus.

Additional benefits include paid vacation days and paid holidays (prorated based upon hire date).

Final details:

Please frequently check the email associated with your application, including the junk/spam folder, as this is the primary correspondence method. If you wish to know the status of your application – please use the candidate log-in on our career website as it will reflect any updates to your status.

This employer is not currently hiring foreign national applicants that require or will require sponsorship tied to a specific employer, such as H, L, TN, F, J, E, O. As a global company, Caterpillar offers many job opportunities outside of the U.S. which can be found through our employment website at www.Caterpillar.com/Careers

EEO/AA Employer.  All qualified individuals - Including minorities, females, veterans and individuals with disabilities - are encouraged to apply.

Not ready to apply? Submit your information to our Talent Network here .


LET’S DO THE WORK

Keep up with the latest jobs and Caterpillar news.

JOIN TALENT COMMUNITY
Talent Community@2X