Software Security Engineer

Career Area:
Business Technologies, Digital and Data
Job Description:
Your Work Shapes the World at Caterpillar Inc.
When you join Caterpillar, you're joining a global team who cares not just about the work we do - but also about each other. We are the makers, problem solvers, and future world builders who are creating stronger, more sustainable communities. We don't just talk about progress and innovation here - we make it happen, with our customers, where we work and live. Together, we are building a better world, so we can all enjoy living in it.
Caterpillar Inc. seeks Software Security Engineer at its facility located at 5205 N. O Connor Blvd Irving, TX 75039. Contribute to secure by design, secure development practices, Security testing and devSecOps of software systems and/or applications. Facilitate security efforts between the Cybersecurity Organization and the development teams creating services on the data platform. Help development teams identify security gaps in their applications and services and assist in coming up with solutions to close those gaps and make services compliant to enterprise security requirements. Review and assessment of architectural artifacts (e.g architecture diagrams) for compliance to security policy and identification of risks and potential areas of improvement. Collaborate with peer Cybersecurity professional in the assessment of IT solution for security posture. Liaison between Caterpillar Cybersecurity organization and the rest of Caterpillar to communicate, embed, and demonstrate compliance to Cybersecurity requirements. Technical point of contact for application teams related to automation, CI/CD, and Application Security Operations. Understand and communicate business risk with security risk. Understand and identify the existing processes and security gaps. Guide to improve and streamline the development process to secure the application in every stage of software development by implementing devSecOps. Competent to perform all assignments without close supervision; deliver more complex aspects of systems work. Work directly on complex application/technical problem identification and resolution. Drive application development focused around delivering of security needs features. Maintain high standards of software quality within the team by establishing good practices and habits. Guide the team to develop a structured application/interface code, new program documentation, operations documentation, and user guides in a casual, flexible environment. Maintain current knowledge on existing security procedures, directives and technology controls including application testing, threat modeling, attack and penetration testing, data classification and data handling. Participate in industry working groups and provide insights to product development teams on leading architecture, design, and security practices. Understand security requirements and risk tolerance baselines. Keep development teams accountable to metrics measuring risk. REQS: This position requires a Bachelor's, degree, or foreign equivalent, in Computer Science, Computer Information Systems, Software Engineering, or a related field and Two (2) years of experience as a Software Developer, IT Engineer, or related occupation in the software development field. Additionally, the applicant must have employment experience with: (1) Cloud Security best practices such as Cloud Security Alliance' CCM - Cloud Controls Matrix; (2) Security experience with MS Azure and AWS; (3) Relevant industry standards such as: ISO 27001, 27002, NIST CSF, ISA 62443, and SOC Reporting; and (4) Experience with information security processes and principles such as enterprise security architecture, threat model development, vulnerability assessment, risk analysis, defense in depth, SDLC, and Web services security. Telecommuting: 40% Telecommuting Allowed. Applicants who are interested in this position should apply via www.caterpillar.com/careers , search [Software Security Engineer / Reference #R0000277791 LI-DNI].
Posting Dates:
October 8, 2024 - February 4, 2025
Any offer of employment is conditioned upon the successful completion of a drug screen.
EEO/AA Employer. All qualified individuals - Including minorities, females, veterans and individuals with disabilities - are encouraged to apply.
Not ready to apply? Join our Talent Community .