Job Description

Career Area: Information Technology

:

Position Title: Cybersecurity Web Application Firewall Specialist (Highly Flexible Work Location)

Job Location: Bangalore & Chennai, India

Caterpillar Inc. is the world\'s leading manufacturer of construction and mining equipment, off-highway diesel and natural gas engines, industrial gas turbines and diesel-electric locomotives.

For nearly 100 years, we\'ve been helping customers build a better, more sustainable world and are committed and contributing to a reduced-carbon future. Our innovative products and services, backed by our global dealer network, provide exceptional value that helps customers succeed.

Join Caterpillar as a cybersecurity analyst on the Caterpillar Cybersecurity Vulnerability Management Team. This role will be focused on delivery of security subject matter expertise for the advancement, execution and sustainability of the Cybersecurity Web Application Firewall service and program.

Job Duties/Responsibilities

• Provide support to Application Development teams on policies, procedures, and operational processes regarding WAF configurations and migrated applications as well as future migrations. Shall recommend operational processes to ensure successful migration and maintenance of applications behind the WAF.
• Provide engineering support for WAF readiness and security policy readiness. Engineering support onboarding activities for external applications including scheduling & executing Private Key Transit, and scheduling & executing WAF-deployment activities.
• Priority Setting based on Customer impact/understanding, pain points,
• Perform Customer outreach meetings to share service expansion & improvements
• Highly motivated and self-directed. Responsible for setting work unit and project deadlines.
• Key contributor on departmental project teams and/or plan and support/mentor team members. Not a supervisory position.
• Execute ITSM (Incident/Problem/Change) for the WAF team
• Consult with Development teams to ensure accurate application deployments into Production.
• Should have experience with web-based attacks, OWASP Top 10 web vulnerabilities, web application testing with tools like Zed Attack Proxy, and extensive knowledge of networking protocols
• Travel expected is 2 times a year for 1 week increment for in-person strategy planning.

Basic Qualifications:

• Bachelor\'s degree in security engineering/Architecture, Computer Science, Cybersecurity or a related field
• 5 years of Cybersecurity, Information Technology, Risk Management and/or Cyber Threat Intelligence
• 5-8 years of Information Technology experience (Networking or Application Development)
• Understanding of web application firewall tools, concepts, methodologies.
• Good Knowledge of OWASP Top 10 Guidelines for application security.
• Good documentation and process development skills.
• Microsoft Office (Excel, PowerPoint, Word, Outlook)
• Experience with cloud security: Amazon AWS, Windows Azure

Ideal Candidate Will Also Have:

• One or more professional information security certification from an accredited institution (CISSP, CCSP, CSSLP, CISM, GISCP, GWAPT, GWEB etc.)
• 5+ years of Information Security Knowledge of Information Security, IT Risks and Controls assessment, Cyber Threat assessments
• Knowledge of information security frameworks, ISO 27001, 27002, NIST CSF, NIST 800-82.
• Knowledge of Cybersecurity risks associated with vulnerability testing, patch management, and secure configuration management.
• Previous Application Development assignment is highly desired
• Good Knowledge of software development processes, integration of security assessments in Software development life cycle (SDLC) process, secure coding is desirable.
• Experience with ServiceNow IT Ticketing system.
• Experience with SAST tools - Fortify, Checkmarx
• Experience with DAST tools - WebInspect, Acunetix
• Understanding of multi-tiered architecture
• Experience developing and testing apps in .NET or Java and other leading modern programming languages and technologies
• Experience with newer development frameworks
• Network Infrastructure experience with multi-vendor environments.
• Excellent critical thinking, analytical and problem-solving skills.
• Ability to adjust to multiple demands, changing priorities, ambiguity, and rapid change, while multitasking effectively.

Caterpillar is an Equal Opportunity Employer (EEO).

Not ready to apply? Submit your information to our Talent Network .

Caterpillar