CSIRT Detection & Mitigation Analyst
Career Area:
Information Technology
Job Description:
Your Work Shapes the World
Whether it be groundbreaking products, best in class solutions or creating a lifelong career, you can do the work that matters at Caterpillar. With a 95-year legacy of quality and innovation and 150 locations in countries around the world, your impact spans the globe.
At Caterpillar, a brand recognized the world over, your office could be closer than you ever realized. Caterpillar's highly flexible work environment fosters a culture to inspire unconventional ideas to accomplish remarkable results. With life demands ever-changing, Caterpillar provides employees the autonomy to choose their work location based on their daily commitments and how/where they work most efficiently and effectively. It's time to start building what matters most, your career!
When you join Caterpillar, you are joining a team of makers, innovators and doers. We are the people who roll up our sleeves and do the work to build a better world. We don't just talk about progress and innovation. We make it happen. And we are proud of that because it helps our customers build and power the world we live in - the roads, hospitals, homes and infrastructure. Without a dedicated workforce, Caterpillar could not effectively meet our customers' needs. Join us.
Job Purpose:
The D&M (Detection and Mitigation) team is a critical component of Caterpillar's CSIRT (Cyber Security Incident Response Team). Analysts on the D&M team are responsible for the continuous monitoring and response to security alerts and events that occur within Caterpillar's global network. This includes investigating Malware alerts, Phishing emails, anomalous activity, and anomalous network traffic. The D&M team also takes necessary action to remediate these events.
Description:
Responsibilities include:
- Monitor SIEM for security alerts
- Investigate alerts with various Security tools
- Take necessary steps to remediate any security issues
- Monitor the Phishing inbox, investigate and respond to all reported emails
- Inspect file attachments and links for potential malware
- Investigate network alerts through the IDS tool
- Ensure accurate case notes are recorded
Basic Requirements:
- Must be a US citizen, permanent resident, or Green Card holder
- At least 6 years working in IT (Information Technology) Security
- At least 2 years of experience working in a large, global Security Operations Center
- At least 2 years of experience with SIEM solutions
- At least 2 years of experience with EDR solutions
- At least 2 years of experience with Antivirus solutions
- At least 2 years of experience with network monitoring solutions
- GIAC Certified Incident Handler (GCIH)
- Moderate proficiency in PowerShell
- Proven critical thinking skills and ability to solve problems
- Proven ability to learn new tools, processes, and technical concepts quickly
Top Candidate Will Also Have:
- Experience performing network investigation and packet analysis
- Experience with memory analysis and endpoint forensics
- Strong knowledge of Incident handling and Cyber Security Kill Chain
- Understanding of Windows Authentication protocols, Explicit Proxy, IDS, EDR, UEBA, and Sandboxing
Additional Details:
- Location: Dallas, Texas; Nashville, Tennessee; East Peoria, Illinois
- Relocation is offered
- Hybrid work is offered
Employee benefit details:
Our goal at Caterpillar is for you to have a rewarding career. Our teams are critical to the success of our customers who build a better world.
Here you earn more than just a salary, because we value your performance. We offer a total rewards package that provides day one benefits [medical, dental, vision, RX, and 401(k)] along with the potential of an annual bonus.
Additional benefits include paid vacation days and paid holidays (prorated based upon hire date).
Final details:
Please frequently check the email associated with your application, including the junk/spam folder, as this is the primary correspondence method. If you wish to know the status of your application - please use the candidate log-in on our career website as it will reflect any updates to your status.
This employer is not currently hiring foreign national applicants that require or will require sponsorship tied to a specific employer, such as H, L, TN, F, J, E, O. As a global company, Caterpillar offers many job opportunities outside of the U.S. which can be found through our employment website at www.Caterpillar.com/Careers
EEO/AA Employer. All qualified individuals - Including minorities, females, veterans and individuals with disabilities - are encouraged to apply.
Not ready to apply? Submit your information to our Talent Network here.