Caterpillar Inc. Information Security Engineer - 17000197 in Peoria, Illinois

This job was posted by : For more information, please see: The Connected Asset Security Architect is responsible for providing thought leadership associated to Caterpillar's increasing Internet of Things (IoT) footprint. The Connected Asset Security Architect will develop, socialize, and drive the execution of strategic and tactical initiatives related to Caterpillar's connected assets, including both products and other connected devices. The Connected Asset Security Architect will also partner with Caterpillar's product development teams throughout the world. Strong technical expertise along with up-to-date understanding of information security industry trends are foundational skills required by the Connected Asset Security Architect.

Job Duties/Responsibilities

* Provide connected asset security expertise and leadership in defining and prioritizing Connected Asset Security Programs initiatives

* Integrate the Connected Asset Security Program into the relevant stages of the product development lifecycle

* Perform design and architecture reviews, validating that information security artifacts are created and align with industry standards and regulations.

* Assist with product development remediation and mitigation activities

* Report on metrics to the connected asset security steering committee and other business unit stakeholders

* Maintain current knowledge on existing security procedures, directives and technology controls including application testing, threat modeling, attack and penetration testing, data classification and data handling

* Participate in industry working groups and provide insights to product development teams on leading architecture, design, and security practices

Basic Qualifications:

* Bachelor's degree in Electrical Engineering, Computer Science or a related field

* Ten or more years in information security or engineering

* Experience with relevant industry standards, such as:

* ISO 27001, 27002


* NIST 800-82

* ISA 62443

* SOC Reporting

* Experience with a wide variety of information security processes and principles, such as:

* Enterprise security architecture

* Embedded systems security

* Threat model development

* Vulnerability assessment

* Risk analysis

* Defense in depth

* SDLC and product development processes

* Identity and access management

* Networking concepts (routing, design, TCP/IP)

* Business process design

* Web services security

Ideal Candidates Will Also Have:

* Professional information security certification (CISSP, CCSP, CSSLP, GISCP, GWAPT, GWEB etc)

* Excellent written and verbal communications skills; demonstrated ability to communicate highly technical security concepts to non-security audiences

* Strong understanding and experience with information security technologies

* Ability to adjust to multiple demands, changing priorities, ambiguity, and rapid change, while multitasking effectively

* Ability to coordinate multiple teams in accomplishing process review and improvement

* Demonstrated ability in project management and change management

* Demonstrated ability to develop metrics, perform critical analysis and develop executive decision support content

Caterpillar is not currently hiring individuals for this position who now or in the future require sponsorship for employment based non-immigrant and immigrant visas. However, as a global company, Caterpillar offers many job opportunities outside of the U.S. which can be found through our employment website

Relocation assistance is available for this position.

EEO/AA Employer. All qualified individuals - including minorities, females, veterans and individuals with disabilities - are encouraged to apply.