Sr. Cybersecurity Threat & Vulnerability Analyst
Career Area:
Information Technology
Job Description:
This is a senior security analyst role on the Caterpillar Cybersecurity Vulnerability Management Team and is focused on delivery of security subject matter expertise for the advancement, execution and sustainability of the Cybersecurity Vulnerability Management Programs.
Job Duties/Responsibilities:
- Provide strategic/thought leadership on maturing and optimizing Vulnerability Management Programs focused on infrastructure security and protection (VMI).
- Maintain clear ownership and daily accountability of VMI security operational processes and technologies.
- Provide direction and support of operational tools and processes for identifying and communicating vulnerable items for Vulnerability Management Infrastructure (VMI).
- Provide input and support to leaders/peers from architecture, engineering, and IT operations on architecting tools and solutions related to vulnerability and secure configuration management.
- Obtain and maintain knowledge on existing security procedures and directives related to vulnerability management.
- Provide overview of services and status of key project to stakeholders and security leadership.
- SME and/or key contributor on team deliverables and key projects. Provide oversight for VM activities such as; new tool implementation/investigation, significant changes, and process improvements.
- Develop and report on metrics to departmental and business unit leaders & stakeholders.
- Maintenance and configuration of API's for creating vulnerability groups in ServiceNow
- Develop and maintain workflows in ServiceNow related to vulnerability management remediation processes.
- Interface with IT Operations staff and leadership to drive efficiency into vulnerability management processes in ServiceNow
- Educate Caterpillar workforce on VMI operational processes to ensure successful execution.
Basic Qualifications:
- Bachelor (4 year) degree in Security Engineering/Architecture, Computer Science, Cybersecurity or a related field
- 5 years of Cybersecurity, Information Technology, Risk Management and/or Cyber Threat Intelligence
- 5-8 years of Information Technology experience
Ideal Candidate Will Also Have:
- One or more professional information security certification from an accredited institution (CISSP, CCSP, CSSLP, CISM, GISCP, GWAPT, GWEB etc.)
- Other vendor certifications such as ServiceNow and Qualys are preferred, but not required.
- 5+ years of Information Security Knowledge of Information Security, IT Risks and Controls assessment, Cyber Threat assessments
- Knowledge of information security frameworks, ISO 27001, 27002, NIST CSF, NIST 800-82.
- Knowledge of Cybersecurity risks associated with vulnerability testing, patch management, and secure configuration management.
- Experience with vulnerability scanning tools & technologies such as Qualys.
- Experience with Vulnerability Response Module in ServiceNow or other ServiceNow module experience.
- Excellent critical thinking, analytical and problem-solving skills.
- Ability to adjust to multiple demands, changing priorities, ambiguity, and rapid change, while multitasking effectively.
- Exhibit strong influencing / negotiation skills as well as written/verbal communication skills and presentation skills.
- Ability to work with and influence developers, development managers, project managers, technology peers, and business contacts are required.
This position can be on-site in Dallas, Texas; Nashville, Tennessee; or East Peoria, Illinois.
Relocation assistance is not available for this position. Any relocation costs incurred would be the responsibility of the selected applicant
This employer is not currently hiring foreign national applicants that require or will require sponsorship tied to a specific employer, such as H, L, TN, F, J, E, O. As a global company, Caterpillar offers many job opportunities outside of the U.S. which can be found through our employment website at www.caterpillar.com/careers
EEO/AA Employer. All qualified individuals - Including minorities, females, veterans and individuals with disabilities - are encouraged to apply.
Not ready to apply? Submit your information to our Talent Network here .