Cybersecurity Manager - Connected Asset Security Engineering

Career Area:
Business Technologies, Digital and Data
Job Description:
Your Work Shapes the World at Caterpillar Inc.
When you join Caterpillar, you're joining a global team who cares not just about the work we do - but also about each other. We are the makers, problem solvers, and future world builders who are creating stronger, more sustainable communities. We don't just talk about progress and innovation here - we make it happen, with our customers, where we work and live. Together, we are building a better world, so we can all enjoy living in it.
Cybersecurity Manager Connected Asset Security Engineering
This Connected Asset Cybersecurity Engineering Manager is responsible for leading a team of experts in the delivery of security services for connected assets, including risk assessments of connected systems, architecture and solution design consulting for IoT and IIoT devices, security policy development for connected environments, threat modeling specific to connected assets, penetration test scoping for connected systems, remediation consulting, and risk identification. The role will also ensure compliance with industry standards such as IEC 62443, NIST Cybersecurity Framework (CSF), and ISO 27001.
This leader is also responsible for the integration of security into business solutions and lifecycle processes and will be a driving force that delivers constant improvement to the cybersecurity posture of Caterpillar connected products that protects our competitive advantage and ensures customer confidence in the Caterpillar brand.
What You Will Do:
Caterpillar's Connected Asset Cybersecurity Engineering Manager directs complex global security programs within portfolios and projects. Responsibilities include:

• Leading technical teams to evaluate risks and propose innovative and effective security solutions for connected assets to proactively counter threats and maintain a secure environment. Ensuring compliance with industry standards like IEC 62443, NIST CSF, and ISO 27001.
• Providing leadership with strong organizational and people skills, alongside the ability to persuade, influence, lead, motivate others, and meet client expectations.
• Collaborating with and building partnerships among technology and business leaders to garner support for cybersecurity and risk management initiatives. Translating complex solutions for business partners with diverse technical understanding.
• Creating sophisticated solutions while guiding technical teams to develop actionable and practical plans.
• Assisting in the development and maintenance of risk management programs that assess, prioritize, remediate, and prevent logical and security risks, promoting early adoption of security practices in development cycles.
• Contributing to the strategic direction of security engineering and risk management initiatives.
• Overseeing various information security functions as assigned by senior leadership, including risk management, security controls development, security architecture, incident response, security monitoring, travel security, insider threat, investigative processes, and project management.
• Exploring and evaluating emerging methods in the security industry to integrate with corporate systems and strategies.
• Developing business cases to obtain approval for implementing new systems and technologies.
• Coordinating and maintaining audit actions focusing on the analytical and technical aspects of security.
• Staying informed about global threats to the company and its staff through rational risk assessment and security threat analysis.
• Managing the capital and expense budgets for security risk assessment operations and enterprise security programs, as well as monitoring and maintaining vendor agreements to ensure the delivery of requested capabilities.
• Leading technical teams in sophisticated technology planning, critical reviewing, and proactive problem-solving.
• Demonstrating the ability to work quickly and independently, with diligence and sensitivity to deadlines.

What You Have:

• Bachelor's degree from an accredited institution.
• Possesses active, nationally recognized cybersecurity certifications such as CISSP, CISM, GSLC, GICSP, GRID, GWAPT, or similar.
• Hands-on expertise in one or many cybersecurity engineering domains.
• Practical experience in various technology disciplines, like system administration, application development, or platform support.
• Background in engineering and architecting security solutions using industry standard frameworks, like ISO27001, IEC 62443, NIST CSF, etc.
• Excellent communication, presentation, and collaboration skills.
• Knowledge of customer-facing solutions that use connected asset Telematics data and the organizations that create these solutions.
• Experience with OT and IIoT in a Caterpillar business segment is preferred but not essential.
• General understanding of business operations, including technical infrastructure, general business processes, parts warehousing, distribution, dealer processes, manufacturing, and engineering functional applications.
• Practical experience using Agile/Scrum methodologies.

What You Will Get:
At Caterpillar, our goal is to provide a rewarding career. Our teams are critical to our customers' success in building a better world. Beyond hourly wages, we offer a total rewards package with benefits starting on day one (medical, dental, vision, RX, and 401K) and potential annual bonuses. Additional benefits include paid vacation and holidays (prorated based on hire date).
Additional Info:

• Position is in PEORIA, IL. You must be willing to work ONSITE 3 DAYS A WEEK.
• Relocation assistance is available.
• This position requires 20% travel.
• Sponsorship is NOT available.

Skills Descriptors:
Planning: Tactical, Strategic: Knowledge of effective planning techniques and ability to contribute to operational (short term), tactical (1-2 years) and strategic (3-5 years) planning in support of the overall business plan.
Level Extensive Experience:

• Develops, refines, and communicates tactical plans for own responsibilities.
• Provides the right level of detail as input for strategic plan development.
• Demonstrates the value and necessity of linking tactical plans to overall strategic plan.
• Ensures attention to the detail and dependencies of existing departmental-level plans.
• Plans for allocation of resources in line with unit goals, technical and business objectives.
• Ensures the planning process is integrated with the overall business plan.

Risk Management: Knowledge of processes, tools, and techniques for assessing and controlling an organization's exposure to risks of various kinds; ability to apply knowledge of risk management appropriately to diverse situations.
Level Working Knowledge:

• Produces and interprets common risk assessment and management reports.
• Identifies common technology, security, or financial risks relevant to own function or unit.
• Implements or manages risk management for own area.
• Documents the key steps of a unit-specific risk management process and associated procedures.
• Evaluates risk assessment models and techniques relevant to a specific line of business.

Talent Management: Knowledge of the critical competencies required to achieve intended results; ability to generate consistent approaches for hiring, selection, retaining and leveraging talent across the organization.
Level Working Knowledge:

• Recommends improvements to talent management initiatives based on analysis of data on their effectiveness.
• Maintains strong relationships with formal and informal mentors.
• Implements systems and methods for supporting talent management programs.
• Negotiates for key developmental experiences and transitional experiences.
• Introduces contacts from personal and professional networks to hiring managers.

Team Management: Knowledge of effective team building techniques; ability to form and manage effective teams.
Level Working Knowledge:

• Facilitates discussion of team goals, roles, needs, and responsibilities.
• Participates in defining the ground rules for individual and team responsibilities.
• Manages a team to the successful completion of a project or task.
• Recognizes the contribution of each team member publicly.
• Leads team meetings to review progress and performance, ensuring follow-up on previous decisions.

Information Technology (IT) Security Policies: Knowledge of IT security policies, standards, and procedures; ability to utilize a variety of administrative skill sets and technical knowledge to ensure cyber security compliance.
Level Expert:

• Leads discussions and answers complex questions regarding cross-functional IT policies and standards.
• Designs and drafts the framework of IT security policies while keeping compliance with organizational development goals.
• Forecasts technological industry trends and potential risks in the implementation of defined IT security policies.
• Creates and defines criteria to measure the effectiveness of IT security policies, standards, and procedures.
• Contributes to the establishment and use of best practices in IT security policies, standards, and procedures.
• Monitors organizational and functional adherence to IT security policies and procedures when addressing risk management.

Cyber Security: Knowledge of network attacks and the defenses used; ability to defend and prevent electronic threats, theft, and attacks.
Level Extensive Experience:

• Evaluates tools, challenges and opportunities for real-time threat monitoring and alerting.
• Participates in investigating cyber incidents and devising immediate and long-term responses.
• Uses reverse engineering to analyze malware and extent of impact or damage.
• Develops business and technology relevant cyber security solutions.
• Advises on methods, tools and technologies for cyber monitoring and threat intelligence.
• Consults on cyber security intelligence and defense mechanisms for a variety of platforms.

What You Will Get:

• Our goal at Caterpillar is for you to have a rewarding career. Our teams are critical to the success of our customers who build a better world.
• Here you earn more than just a salary because we value your performance. We offer a total rewards package that provides benefits on day one (medical, dental, vision, RX, and 401K) along with the potential of an annual bonus. Additional benefits include paid vacation days and paid holidays.
• All qualified individuals - Including minorities, females, veterans, and individuals with disabilities - are encouraged to apply.

About Caterpillar -
Caterpillar Inc. is the world's leading manufacturer of construction and mining equipment, off-highway diesel and natural gas engines, industrial gas turbines and diesel-electric locomotives. For nearly 100 years, we've been helping customers build a better, more sustainable world and are committed and contributing to a reduced-carbon future. Our innovative products and services, backed by our global dealer network, provide exceptional value that helps customers succeed.
Posting Dates:
October 25, 2024 - November 7, 2024
Any offer of employment is conditioned upon the successful completion of a drug screen.
EEO/AA Employer. All qualified individuals - Including minorities, females, veterans and individuals with disabilities - are encouraged to apply.
Not ready to apply? Join our Talent Community .