Career Area: Business Technologies, Digital and Data : Your Work Shapes the World at Caterpillar Inc. When you join Caterpillar, you\'re joining a global team who cares not just about the work we do \xe2\x80\x93 but also about each other. We are the makers, problem solvers, and future world builders who are creating stronger, more sustainable communities. We don\'t just talk about progress and innovation here \xe2\x80\x93 we make it happen, with our customers, where we work and live. Together, we are building a better world, so we can all enjoy living in it.

About Caterpillar Caterpillar Inc. is the world\xe2\x80\x99s leading manufacturer of construction and mining equipment, off-highway diesel and natural gas engines, industrial gas turbines and diesel-electric locomotives. For nearly 100 years, we\xe2\x80\x99ve been helping customers build a better, more sustainable world and are committed and contributing to a reduced-carbon future. Our innovative products and services, backed by our global dealer network, provide exceptional value that helps customers succeed. Position Title: IT Security Analyst Job Location: Bangalore, KA-India Job Purpose This is a security analyst role on the Vulnerability Management (VM) Team and is focused on delivery of security expertise, technical evaluations, execution and sustainability of the Caterpillar Vulnerability Management Program. Job Duties/Responsibilities:

• Perform vulnerability scanning and/or assessments of business applications, websites, and identify deviations from acceptable enterprise vulnerability management policy requirements.
• Assist development teams to setup automation pipelines to perform SAST security testing against their applications
• Triage the scanning tool results to remove false positives
• Interface with IT operational teams to influence, prioritize and guidance on remediation of identified vulnerabilities.
• Perform Governance workflows to ensure vulnerabilities are acknowledge and remediated by the development teams
• Support various security and application development projects as a SME/team member to the Enterprise
• Installation, configuration, and maintenance of CI/CD solutions with SAST/DAST enabled
• Provide support of operational tools and methods for dynamic application security testing (DAST), static application security testing (SAST) per policies.
• Obtain and maintain knowledge on existing security procedures and directives related to application security and vulnerability management.
• Provide support for VM Team activities such as new tool implementation/investigation, significant architectural changes, and process improvements to vulnerability management.

Basic Qualifications:

• Bachelor (4 year) degree in Security Engineering/Architecture, Computer Science, Cybersecurity or a related field
• 3-5 years of Cybersecurity, Risk Management, Information Technology experience
• 2+ years of DAST scanning experience (Web Inspect preferably)
• 2+ years of SAST scanning experience (Fortify preferably)

Ideal Candidate Will Also Have:

• One or more professional information security certification from an accredited institution (CISSP, CCSP, CSSLP, CISM, GISCP, GWAPT, GWEB etc.)
• Good Knowledge of OWASP Guidelines for application security.
• 2+ years of software development/testing experience in any of the following programming languages: C#, Python, Bash, Perl, JavaScript, C++, .Net
• 2+ Experience with Azure DevOps Pipelines; CI/CD Automation
• 1+ experience as a member of an Agile team
• 1-3 years of broad AWS or Azure experience
• Working knowledge Azure DevOps (formerly VSTS)
• Working knowledge with SQL queries and SQL/MySql database
• Excellent analytical and problem-solving skills.
• Exhibit strong influencing / negotiation skills as well as written/verbal communication skills and presentation skills.

Additional Information: Caterpillar is not currently hiring individuals for this position who now or in the future require sponsorship for employment visa status; however, as a global company, Caterpillar offers many job opportunities outside of the U.S. which can be found through our employment website at www.caterpillar.com/careers

Caterpillar is an Equal Opportunity Employer (EEO)

EEO/AA Employer. All qualified individuals - including minorities, females, veterans and individuals with disabilities - are encouraged to apply. Posting Dates: April 9, 2024 - April 17, 2024 Caterpillar is an Equal Opportunity Employer (EEO). Not ready to apply? Join our Talent Community .