Application Security Engineer

Career Area:
Technology, Digital and Data
Job Description:
Your Work Shapes the World at Caterpillar Inc.
When you join Caterpillar, you're joining a global team who cares not just about the work we do - but also about each other. We are the makers, problem solvers, and future world builders who are creating stronger, more sustainable communities. We don't just talk about progress and innovation here - we make it happen, with our customers, where we work and live. Together, we are building a better world, so we can all enjoy living in it.
Job Summary:
Join the Cybersecurity team of Cat Digital and build software solutions that drive automation and security into the application development lifecycle. You will have deep integration with applications as they move from an idea into a solution, integrating Security and DevOps practices and enabling delivery for Caterpillar Digital Applications. Be a part of the team that is using innovative solutions and methods to securely enable, build, and deploy modern applications and software.
This role is an excellent opportunity for an experienced software engineer with a passion for cybersecurity to move to a full-time cybersecurity role and help their fellow software engineers deliver solutions securely.
What You Will Do:
As an Application Security Engineer, you will work as a technical engineer within a portfolio of related applications to guide software engineers on cybersecurity issues, influence security and prioritization decisions at the bug or story level, and act a trusted partner in their mission to deliver solutions securely.

• Security Defect Management - Analyzing, validating, communicating, and consulting on security defects identified by both automated and manual sources such as CodeQL, Rapid7 Web Application Security, penetration testing, bug bounty, etc. In other words, our security engineers are partners to software engineers who require accurate information on why a vulnerability exists and what they can do about it.
• Engineering Consulting - Serving as a "best friend" to software engineers, architects, product owners, and leaders, provide contextually-aware guidance to help these groups make good decisions, document those decisions and resulting architectures, and navigate relevant review & approval processes (where necessary) when implementing new features and remediating existing issues.
• Tool Enablement - Enabling and monitoring automated defect detection tooling (CodeQL, Rapid7, etc.) at the repository or application level according to established process.
• Security Test Onboarding & Management - Collecting and communicating required scope and access information for penetration testing and security assurance assessments, as well as handling the output of these assessments via our Defect Management Process.
• Maturity Measurement - Consulting with software engineers on practices which will improve their application's security maturity according to scorecards and maturity models established by Cat Digital.
• Correction of Error - Authoring, in close partnership with software engineers, correction of error reports which help engineers and architects across Cat Digital avoid similar mistakes in their own applications.

What You Will Have:

• Decision Making and Critical Thinking: Knowledge of the decision-making process and associated tools and techniques; ability to accurately analyze situations and reach productive decisions based on informed judgment.
• Effective Communications: Understanding of effective communication concepts, tools and techniques; ability to effectively transmit, receive, and accurately interpret ideas, information, and needs through the application of appropriate communication behaviors.
• Software Development Life Cycle: Knowledge of software development life cycle; ability to use a structured methodology for delivering and managing new or enhanced software products to the marketplace.
• Software Integration Engineering: Knowledge of software integration processes and functions; ability to design, develop and maintain interfaces and linkage to alternative platforms and software packages.
• Software Product Design/Architecture: Knowledge of software product design; ability to convert market requirements into the software product design.

Top Candidates Will Have:

• Experience as a software engineer (in any language or framework); prefer a focus on cybersecurity related issues
• Experience working on a major cloud platform (AWS, Azure, GCP, or Salesforce) as a software engineer, cloud/DevOps engineer, security engineer, or architect.
• Experience analyzing and remediating security findings from automated and manual sources such as Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), penetration testing, Software Composition Analysis (SCA), etc.
• Experience leveraging one or more of the following resources to support secure coding and decision-making:
  • OWASP Top 10
  • MITRE Common Weakness Enumeration (CWE) Top 25
  • OWASP Application Security Verification Standard (ASVS)
  • Other industry-standard best practice guides or frameworks
• Experience building or supporting web applications and API's including Single Page Applications (SPA) and RESTful APIs.

• Professional certifications in either cybersecurity or software engineering, such as:
  • Associate or Professional-level certifications from a major cloud provider (AWS, Azure, GCP, or Salesforce).
  • CompTIA Security+, Cloud+, CCSK, and/or other cybersecurity certifications.
  • ISC2 Certified Software Lifecycle Professional (CSLP)

Additional Details:

• This position requires the candidate to be based in either Chicago, IL or Dallas, TX
• Relocation assistance is NOT available for this position

Summary Pay Range:
$97,530.00 - $158,480.00
Compensation and benefits offered may vary depending on multiple individualized factors, job level, market location, job-related knowledge, skills, individual performance and experience. Please note that salary is only one component of total compensation at Caterpillar.
Benefits:
Subject to plan eligibility, terms, and guidelines. This is a summary list of benefits.

• Medical, dental, and vision benefits*
• Paid time off plan (Vacation, Holidays, Volunteer, etc.)*
• 401(k) savings plans*
• Health Savings Account (HSA)*
• Flexible Spending Accounts (FSAs)*
• Health Lifestyle Programs*
• Employee Assistance Program*
• Voluntary Benefits and Employee Discounts*
• Career Development*
• Incentive bonus*
• Disability benefits
• Life Insurance
• Parental leave
• Adoption benefits
• Tuition Reimbursement

* These benefits also apply to part-time employees
Posting Dates:
February 3, 2026 - February 10, 2026
Any offer of employment is conditioned upon the successful completion of a drug screen.
Caterpillar is an Equal Opportunity Employer, Including Veterans and Individuals with Disabilities. Qualified applicants of any age are encouraged to apply.
Not ready to apply? Join our Talent Community.