주요 콘텐츠로 건너 뛰기
Hero Example

Technology, Digital and Data

Cybersecurity Specialist

위치 East Peoria, Illinois, United States of America / Nashville, Tennessee, United States of America / Irving, Texas, United States of America
게시 된 날짜
신청 방법
계약 유형 Full time
직무 종류 Regular
요청 ID R0000289790

Career Area:

Technology, Digital and Data

Job Description:

Your Work Shapes the World at Caterpillar Inc.

When you join Caterpillar, you're joining a global team who cares not just about the work we do – but also about each other.  We are the makers, problem solvers, and future world builders who are creating stronger, more sustainable communities. We don't just talk about progress and innovation here – we make it happen, with our customers, where we work and live. Together, we are building a better world, so we can all enjoy living in it.

Connected Asset Security Engineer

Role Definition:

The Connected Asset Security Engineer is responsible for supporting embedded security assessments and development of Caterpillar product and back-office components. You will facilitate the continued adoption and implementation of Connected Asset Security Program processes into Caterpillar NPI processes and software development lifecycles. Additionally, the engineer will be working with product teams on security by design concepts and remediation activities resulting from security assessments and testing.

The Connected Asset Security Engineer will be responsible for collaborating with global teams and maintaining a thorough awareness and understanding of the Connected Asset Security processes.

What You Will Do:

  • Perform security assessments on connected asset solutions while influencing business decisions that affect cybersecurity for the next generation of on-board products and solutions.

  • Work with Development teams to provide Security Guidance and influence the cybersecurity posture of the solution during the development phase.

  • Document risks and ensure engineering management is aware to make informed decisions when accepting risk.

  • Coordinate, respond, and execute our cybersecurity strategy for connected assets.

  • Assimilate and prioritize cybersecurity requirements and drive product architecture decisions aligning to the Connected Asset Program

  • Participate in the response of customer and industry assessments, workshops, and incidents.

  • Actively participate in solution attack and penetration test scoping and vulnerability assessments

  • Provide periodic internal stakeholder updates and function as the communication focal point for internal engineering team inquiries and presentations.

  • Provide input and support to solution development teams throughout the product development lifecycle on a variety of connected product security requirements, including, but not limited to, security requirements, secure coding and configuration, software testing, third-party component management and security defect management.

  • Lead product development teams through remediation activities resulting from application testing, threat modeling and attack and penetration testing.

  • Maintain current industry expert knowledge on modern ICS (Industrial Control Systems) and Cloud security procedures, directives, tools, attack methodologies, directives, secure configuration baselines, and technology controls.

  • Leverage expertise in application testing, threat modeling, attack and penetration testing, data classification and data handling.

  • Function as the SME (Subject Matter Expert) for Product Communication, ICS, and Cloud technologies for embedded device development teams.

  • Provide connected asset security expertise and leadership in defining and prioritizing Connected Asset Security Programs initiatives.

What You Have:

  • Bachelor’s degree in computer science, or a related field

  • Strong experience in IT, Computer Science, Cybersecurity, or a related field

  • Expert experience with cybersecurity threat modeling and mitigation/remediation techniques

  • Excellent written and verbal communications skills

  • Ability to coordinate multiple teams in accomplishing process review and improvement.

  • Committed to technical learning and continuous education in cybersecurity.

  • Basic understanding of ISA/IEC 62443, ISO 27001, and NIST CSF

Top Candidates Will Have:

  • Experience or a passion for cybersecurity technical concepts, secure by design techniques, and industry best practices.

  • Demonstrated ability in project management and change management.

  • Experience with the product development processes.

  • Demonstrated ability to perform critical analysis and develop executive decision support content.

  • Practical experience with developing enterprise grade software

  • Experience with a wide variety of information security processes and principles, for example:

    • Vulnerability assessment

    • Risk analysis

    • Defense in depth

    • SDLC and product development processes

    • Identity and access management

    • Networking concepts (routing, design, TCP/IP)

    • Network and endpoint security software.

    • Business process design

    • Web services security

  • Professional information security certification (e.g., CISSP, CCSP, SANS Certifications, etc.)

  • Intermediate knowledge of cloud concepts including virtual machines, containers, Platform-as-a-Service/serverless services, etc.

  • Familiarity with the ICS organization, autonomy solutions, or telematics.

  • Ability to adjust to multiple demands, changing priorities, uncertainty, ambiguity, and rapid change, while multitasking effectively

Degree Requirement:

  • Accredited, four-year Information Technology degree or a closely related technical degree; communications or learning and development degree; or equivalent experience.

Skill Descriptors:

Communicating Complex Concepts: Knowledge of effective presentation tools and techniques to ensure clear understanding; ability to use summarization and simplification techniques to explain complex technical concepts in simple, understandable language appropriate to the audience.
 

Consulting: Knowledge of techniques, roles, and responsibilities in providing technical or business guidance to clients, both internal and external; ability to apply consulting knowledge appropriately.

Information Security Management: Knowledge of the processes, tools and techniques of information security management; ability to deploy and monitor information security systems, while detecting, controlling and preventing violations of IT security.

Cybersecurity Standards and Policies: Knowledge of developing cybersecurity policies, standards and procedures; ability to develop and communicate policies, standards and procedures that guide interactions with customers.

Cybersecurity Risk Management: Knowledge of tools, techniques, approaches and processes of cybersecurity risk management; ability to ensure organizational network operation and minimize negative effect by cybersecurity risks.
 

Information Technology (IT) Security Policies: Knowledge of IT security policies, standards, and procedures; ability to utilize a variety of administrative skill sets and technical knowledge to ensure cyber security compliance.
 

Additional Info :

  • The primary locations for this position are: East Peoria, IL, Nashville TN, or Dallas, TX

  • Must be willing to work a minimum of 3 days a week onsite.

  • Sponsorship is  NOT available.

  • Relocation is available for qualified candidates.

About Caterpillar -

Caterpillar Inc. is the world’s leading manufacturer of construction and mining equipment, off-highway diesel and natural gas engines, industrial gas turbines and diesel-electric locomotives. For nearly 100 years, we’ve been helping customers build a better, more sustainable world and are committed and contributing to a reduced-carbon future. Our innovative products and services, backed by our global dealer network, provide exceptional value that helps customers succeed.

Summary Pay Range:

$126,000.00 - $189,000.00

Compensation and benefits offered may vary depending on multiple individualized factors, job level, market location, job-related knowledge, skills, individual performance and experience. Please note that salary is only one component of total compensation at Caterpillar. 

Benefits:

Annual incentive bonus plan*

Medical, dental, and vision coverage

Paid time off plan (Vacation, Holiday, Volunteer, Etc.)

401k savings plan

Health savings account (HSA)

Flexible spending accounts (FSAs)

Disability benefits

Life Insurance

Parental leave

Healthy Lifestyle Programs

Employee Assistance Programs

Voluntary Benefits and Employee Discounts

Tuition Reimbursement

Career Development

*Subject to annual eligibility and incentive plan guidelines .

Relocation is available for this position.Visa Sponsorship is not available for this position. This employer is not currently hiring foreign national applicants that require or will require sponsorship tied to a specific employer, such as, H, L, TN, F, J, E, O. As a global company, Caterpillar offers many job opportunities outside of the U.S which can be found through our employment website at www.caterpillar.com/careers.

Posting Dates:

February 5, 2025 - February 15, 2025

Any offer of employment is conditioned upon the successful completion of a drug screen.     

EEO/AA Employer.  All qualified individuals - Including minorities, females, veterans and individuals with disabilities - are encouraged to apply.

Not ready to apply? Join our Talent Community .