Career Area:

Technology, Digital and Data

Job Description:

Your Work Shapes the World at Caterpillar Inc.

When you join Caterpillar, you're joining a global team who cares not just about the work we do – but also about each other. We are the makers, problem solvers, and future world builders who are creating stronger, more sustainable communities. We don't just talk about progress and innovation here – we make it happen, with our customers, where we work and live. Together, we are building a better world, so we can all enjoy living in it.

Connected Asset Security Engineer

The Connected Asset Security Engineer is responsible for providing embedded and connected Caterpillar product security assessments including back-office components. You will facilitate the continued adoption and implementation of Connected Asset Security Program processes into Caterpillar NPI processes and software development lifecycles. Additionally, the engineer will be working with product teams on security by design concepts and remediation activities resulting from security assessments and testing.

The Connected Asset Security Engineer will be responsible for collaborating with global teams and maintaining a thorough awareness and understanding of the Connected Asset Security processes. You will also be responsible for planning tactical and strategic projects and work plans to support business objectives. Additionally, the engineer will be a consultant on industry standards such as IEC 62443 and ISO 27001.

What You Will Do:

• Perform security assessments on connected asset solutions while influencing business decisions that affect cybersecurity for the next generation of on-board products and solutions.

• Work with Development teams to provide Security Guidance and influence the cybersecurity posture of the solution during the development phase.

• Actively participate in solution attack and penetration test scoping and vulnerability assessments

• Provide periodic internal stakeholder updates and function as the communication focal point for internal engineering team inquiries and presentations.

• Provide input and support to solution teams throughout the product development lifecycle on connected product security requirements, including secure coding and configuration, software testing, third-party component management and security defect management.

• Document product vulnerabilities and communicate recommended remediations to product owners.

• Maintain current industry expert knowledge on modern ICS (Industrial Control Systems) and Cloud security procedures, directives, tools, attack methodologies, directives, secure configuration baselines, and technology controls.

• Leverage expertise in application testing, threat modeling, attack and penetration testing, data classification and data handling.

• Function as the SME (Subject Matter Expert) for Product Communication, ICS, and Cloud technologies for embedded device development teams.

• Provide connected asset security expertise and leadership in defining and prioritizing Connected Asset Security Programs initiatives.

What You Have:

• Bachelor’s degree in information technology, Computer Science, or a related field

• Working knowledge of control systems, IIoT, embedded controllers, autonomy solutions and/or telematics

• Working knowledge of cybersecurity threat modeling and mitigation/remediation techniques of control systems, embedded controllers, autonomy solutions and/or telematics

• Working knowledge of TCP/IP networking.

• Excellent written and verbal communications skills

• Ability to coordinate multiple teams in accomplishing process review and improvement.

• Committed to technical learning and continuous education in cybersecurity.

• Intermediate understanding of ISA/IEC 62443, ISO 27001, and NIST CSF

Top Candidates Will Have:

• Expert experience in cybersecurity technical concepts, secure by design techniques, and industry best practices.

• Demonstrated ability in project management and change management.

• Demonstrated ability to perform critical analysis and develop executive decision support content.

• Experience with a wide variety of information security processes and principles, for example:

  • Vulnerability assessment

  • Risk analysis

  • Defense in depth

  • SDLC and product development processes

  • Identity and access management

  • Networking concepts (routing, design, TCP/IP)

  • Network and endpoint security software.

  • Business process design

  • Web services security

• Professional information security certification (e.g., CISSP, CCSP, SANS Certifications, etc.)

• Expert experience in control systems, IIoT, embedded controllers, autonomy solutions and telematics.

• Expert experience with ISA/IEC 62443, ISO 27001, and NIST CSF

• Ability to adjust to multiple demands, changing priorities, uncertainty, ambiguity, and rapid change, while multitasking effectively

• Experience with RTOS control systems, Embedded Component Programming including Cybersecurity testing and assessment.

Skills Descriptors:

Planning: Tactical, Strategic:

• Knowledge of effective planning techniques and ability to contribute to operational (short term), tactical (1-2 years) and strategic (3-5 years) planning in support of the overall business plan.

Communicating Complex Concepts:

• Knowledge of effective presentation tools and techniques to ensure clear understanding; ability to use summarization and simplification techniques to explain complex technical concepts in simple, plain language appropriate to the audience.

Consulting:

• Knowledge of techniques, roles, and responsibilities in providing technical or business guidance to clients, both internal and external; ability to apply consulting knowledge appropriately.

Cybersecurity Standards and Policies:

• Knowledge of developing cybersecurity policies, standards, and procedures; ability to develop and communicate policies, standards and procedures that guide interactions with customers.

Cybersecurity Risk Management:

• Knowledge of tools, techniques, approaches, and processes of cybersecurity risk management; ability to ensure organizational network operation and minimize negative effect by cybersecurity risks.

Information Security Technologies:

• Knowledge of technologies and technology-based solutions dealing with information security issues; ability to protect information security across the organization using encryption technologies and appropriate security software.

Additional Info:

• The primary location for this position is Peoria, IL, Irving, TX or Nashville, TN.

• You must be willing to work ONSITE 5 DAYS A WEEK.

• SPONSORSHIP IS NOT AVAILABLE.

• Relocation is available to those who qualify.

What You Will Get:

• Our goal at Caterpillar is for you to have a rewarding career. Our teams are critical to the success of our customers who build a better world.

• Here you earn more than just a salary because we value your performance. We offer a total rewards package that provides benefits on day one (medical, dental, vision, RX, and 401K) along with the potential of an annual bonus. Additional benefits include paid vacation days and paid holidays.

• All qualified individuals - Including minorities, females, veterans, and individuals with disabilities - are encouraged to apply.

About Caterpillar -

Caterpillar Inc. is the world’s leading manufacturer of construction and mining equipment, off-highway diesel and natural gas engines, industrial gas turbines and diesel-electric locomotives. For nearly 100 years, we’ve been helping customers build a better, more sustainable world and are committed and contributing to a reduced-carbon future. Our innovative products and services, backed by our global dealer network, provide exceptional value that helps customers succeed.

Final details:

Please frequently check the email associated with your application, including the junk/spam folder, as this is the primary correspondence method. If you wish to know the status of your application – please use the candidate log-in on our career website as it will reflect any updates to your status.

Summary Pay Range:

$144,960.00 - $217,320.00

Compensation and benefits offered may vary depending on multiple individualized factors, job level, market location, job-related knowledge, skills, individual performance and experience. Please note that salary is only one component of total compensation at Caterpillar.

Benefits:

Subject to plan eligibility, terms, and guidelines. This is a summary list of benefits.

• Medical, dental, and vision benefits*

• Paid time off plan (Vacation, Holidays, Volunteer, etc.)*

• 401(k) savings plans*

• Health Savings Account (HSA)*

• Flexible Spending Accounts (FSAs)*

• Health Lifestyle Programs*

• Employee Assistance Program*

• Voluntary Benefits and Employee Discounts*

• Career Development*

• Incentive bonus*

• Disability benefits

• Life Insurance

• Parental leave

• Adoption benefits

• Tuition Reimbursement

* These benefits also apply to part-time employees

Posting Dates:

May 8, 2025 - May 20, 2025

Any offer of employment is conditioned upon the successful completion of a drug screen.

EEO/AA Employer. All qualified individuals - Including minorities, females, veterans and individuals with disabilities - are encouraged to apply.

Not ready to apply? Join our Talent Community.