Career Area:

　　Business Technologies, Digital and Data

　　Job Description:

　　Your Work Shapes the World at Caterpillar Inc.

　　When you join Caterpillar, you're joining a global team who cares not just about the work we do – but also about each other. We are the makers, problem solvers, and future world builders who are creating stronger, more sustainable communities. We don't just talk about progress and innovation here – we make it happen, with our customers, where we work and live. Together, we are building a better world, so we can all enjoy living in it.

　　About Caterpillar

　　Caterpillar Inc. is the world’s leading manufacturer of construction and mining equipment, off-highway diesel and natural gas engines, industrial gas turbines and diesel-electric locomotives.

　　For nearly 100 years, we’ve been helping customers build a better, more sustainable world and are committed and contributing to a reduced-carbon future. Our innovative products and services, backed by our global dealer network, provide exceptional value that helps customers succeed.

　　Position Title: IT Security Analyst

　　Job Location: Bangalore, KA-India

　　Job Purpose

　　This is a security analyst role on the Vulnerability Management (VM) Team and is focused on delivery of security expertise, technical evaluations, execution and sustainability of the Caterpillar Vulnerability Management Program.

　　Job Duties/Responsibilities:

　　Perform vulnerability scanning and/or assessments of business applications, websites, and identify deviations from acceptable enterprise vulnerability management policy requirements.

　　Assist development teams to setup automation pipelines to perform SAST security testing against their applications

　　Triage the scanning tool results to remove false positives

　　Interface with IT operational teams to influence, prioritize and guidance on remediation of identified vulnerabilities.

　　Perform Governance workflows to ensure vulnerabilities are acknowledge and remediated by the development teams

　　Support various security and application development projects as a SME/team member to the Enterprise

　　Installation, configuration, and maintenance of CI/CD solutions with SAST/DAST enabled

　　Provide support of operational tools and methods for dynamic application security testing (DAST), static application security testing (SAST) per policies.

　　Obtain and maintain knowledge on existing security procedures and directives related to application security and vulnerability management.

　　Provide support for VM Team activities such as new tool implementation/investigation, significant architectural changes, and process improvements to vulnerability management.

　　Basic Qualifications:

　　Bachelor (4 year) degree in Security Engineering/Architecture, Computer Science, Cybersecurity or a related field

　　3-5 years of Cybersecurity, Risk Management, Information Technology experience

　　2+ years of DAST scanning experience (Web Inspect preferably)

　　2+ years of SAST scanning experience (Fortify preferably)

　　Ideal Candidate Will Also Have:

　　One or more professional information security certification from an accredited institution (CISSP, CCSP, CSSLP, CISM, GISCP, GWAPT, GWEB etc.)

　　Good Knowledge of OWASP Guidelines for application security.

　　2+ years of software development/testing experience in any of the following programming languages: C#, Python, Bash, Perl, JavaScript, C++, .Net

　　2+ Experience with Azure DevOps Pipelines; CI/CD Automation

　　1+ experience as a member of an Agile team

　　1-3 years of broad AWS or Azure experience

　　Working knowledge Azure DevOps (formerly VSTS)

　　Working knowledge with SQL queries and SQL/MySql database

　　Excellent analytical and problem-solving skills.

　　Exhibit strong influencing / negotiation skills as well as written/verbal communication skills and presentation skills.

　　Additional Information:

　　Caterpillar is not currently hiring individuals for this position who now or in the future require sponsorship for employment visa status; however, as a global company, Caterpillar offers many job opportunities outside of the U.S. which can be found through our employment website at www.caterpillar.com/careers

　　Caterpillar is an Equal Opportunity Employer (EEO)

　　EEO/AA Employer. All qualified individuals - including minorities, females, veterans and individuals with disabilities - are encouraged to apply.

　　Caterpillar is an Equal Opportunity Employer (EEO).

　　Not ready to apply? Join our Talent Community (http://flows.beamery.com/caterpillarinc/talcom) .

　　There’s more to work at Caterpillar than just the work itself. We hire smart, friendly people and it shows in our culture. We hold ourselves to high standards and make sure our values of integrity, excellence, teamwork, commitment and sustainability come to life in the way we work. We make sure our employees feel continuously challenged while also supported. We provide professional growth opportunities, including leadership programs. We celebrate the diversity of our team, while also working together as one Caterpillar.

　　Our culture, like everything at our company, is made possible by each employee’s contribution. Person by person, we create the environment we work in, and we are proud of the Caterpillar we’ve built.