Career Area:
Information Technology Job Description
...
The MineStar Security Engineer is responsible for ensuring security is embedded into MineStar on-board and back-office components.

The MineStar Security Engineer will be facilitating the continued adoption and implementation of Connected Asset Security Program processes into MineStar NPI processes and software development lifecycles. Additionally, the engineer will be working with product teams on security by design concepts and remediation activities resulting from security assessments and testing.

The MineStar Security Engineer will be responsible for working with global teams and maintaining a thorough awareness and understanding of the Connected Asset Security Program.

Job Duties/Responsibilities
• Apply Caterpillar Connected Asset Program deliverables to Mining Technology
• Coordinate, respond, and execute our cybersecurity strategy for Mining Technology
• Assimilate and prioritize cybersecurity requirements and drive MineStar architecture decisions aligning to the Connected Asset Program
• Participate in the response of customer and mining industry assessments, workshops, and any incidents
• Coordinate and communicate status of the mitigation and remediation of vulnerabilities identified in Cat A&P Tests
• Maintain ongoing security assessment process for MineStar
• Provide periodic internal stakeholder updates and act as the communication focal point for Cat mining technology inquiries and presentations
• Provide input and support to MineStar development teams throughout the product development lifecycle on a variety of connected product security requirements, including, but not limited to, security requirements, secure coding and configuration, software testing, third-party component management and security defect management
• Lead product development teams through remediation activities resulting from application testing, threat modeling and attack and penetration testing
• Maintain current industry expert knowledge on modern ICS (Industrial Control Systems) and Cloud security procedures, directives, tools, attack methodologies, directives, secure configuration baselines, , and technology controls including application testing, threat modeling, attack and penetration testing, data classification and data handling
• Act as the SME (Subject Matter Expert) for Product Communication, ICS, and Cloud technologies for MineStar as the MTES (Mining Technology Enabled Solutions) Servers move from a customer site to the Cloud.
• Perform security assessments on Command and MineStar solutions while influencing business decisions that affect cybersecurity for the next generation of MineStar products and solutions.
• Work with Development teams to provide Security Guidance and influence the cybersecurity posture of the solution during the development phase.
• Document risks and ensure MTES management is aware to make informed decisions when accepting risk.
• Provide connected asset security expertise and leadership in defining and prioritizing Connected Asset Security Programs initiatives
• Integrate the Connected Asset Security Program into the relevant stages of the product development lifecycle
• Report on metrics to the connected asset security steering committee and other business unit stakeholders
• Participate in industry working groups and provide insights to product development teams on leading architecture, design, and security practices

Required Qualifications
• Bachelor’s degree in Electrical Engineering, Computer Science, or a related field
• Expert experience with cybersecurity threat modeling and mitigation/remediation techniques
• Excellent written and verbal communications skills
• Ability to coordinate multiple teams in accomplishing process review and improvement
• Committed to technical learning and continuous education in cybersecurity

Desired Qualifications
• Experience or a passion for cybersecurity technical concepts, secure by design techniques, and industry best practices
• Demonstrated ability in project management and change management
• Experience with the product development processes
• Demonstrated ability to develop metrics, perform critical analysis and develop executive decision support content
• Practical experience with developing enterprise grade software
• Authentication and Authorization protocols

#LI-Hybrid
Relocation is available for this position.

EEO/AA Employer. All qualified individuals - Including minorities, females, veterans and individuals with disabilities - are encouraged to apply.

Not ready to apply? Submit your information to our Talent Network here
Irving TX USA

Salary Criteria