Cybersecurity DevSecOps Analyst

Your Work Shapes the World at Caterpillar Inc. When you join Caterpillar, you're joining a global team who cares not just about the work we do – but also about each other. We are the makers, problem solvers, and future world builders who are creating stronger, more sustainable communities. We don't just talk about progress and innovation here – we make it happen, with our customers, where we work and live. Together, we are building a better world, so we can all enjoy living in it. Job Summary: Join Caterpillar as a cybersecurity analyst on the Caterpillar Cybersecurity Vulnerability Management Team. This role will be focused on DevSecOps transition, web application security testing and security tool integrations within SDLC. What You Will Do: Advocate "Shift Left" and DevSecOps transformation Provide operational support for Static Application Security Testing (SAST) service and tooling Deliver technical support in the integration of security tools in CI/CD pipelines and S-SDLC Educate and provide customer support to web application teams, owners, developers on application security, vulnerability management, and those utilizing SAST tooling Work with VM team leadership and peers to drive efficiency into vulnerability management processes in ServiceNow and application security services Maintain knowledge on existing security procedures and directives related to application security and vulnerability management What You Have: Bachelor's degree in Cybersecurity, Security Engineering/Architecture, Computer Science, or a related field 2-5 years of Cybersecurity, Penetration Testing and/or Vulnerability Management Experience with SAST tools – GitHub Advanced Security (CodeQL, Dependabot, Secret Scanning), Checkmarx, etc. Good Knowledge of OWASP Guidelines for web/mobile application and API security Good Knowledge of software development processes, integration of security assessments in Software development life cycle (SDLC) process, secure coding is required Top Candidates Will Also Have: One or more professional information security certification from an accredited institution (CISSP, CCSP, CSSLP, CISM, GISCP, GWAPT, GWEB etc.) Experience developing and testing apps in .NET or Java and other leading modern programming languages and technologies Experience with newer development frameworks Experience with cloud security: Amazon AWS, Windows Azure Excellent critical thinking, problem-solving, as well as written/verbal communication skills

Caterpillar is a global manufacturing company that develops, engineers, manufactures, markets and sells machinery, engines, financial products and insurance to customers via a worldwide dealer network. It is one of the largest construction equipment manufacturers in the world.