CyberSecurity Engineering and Compliance Manager
Career Area:
Digital
Job Description:
The Cybersecurity Engineering & Compliance Manager role is responsible for leading Security Engineers, Devops (SRE) Engineers and Advisors that work with the application owners, platform service owners to improve the security posture of the solutions and applications that empower our enterprise.
This organization drives cybersecurity principals into Caterpillar Connected Assets, Applications, as well as on-premise and cloud-hosted solutions. This role is at the forefront of Cat Digital's cybersecurity posture and manages the people, processes, and technologies that keep Caterpillar cyber safe.
JOB RELATED STATISTICS:
Revenue Impact: $ $0.5-1B.
Operating Budget: $2-4M
Caterpillar Headcount: 8-10
Agency/Consulting Headcount: 10-20
JOB DUTIES:
The Cybersecurity Engineering & Compliance Manager provides leadership in design, development and deployment of Caterpillar's systems and/or applications. The position supports the CAT Digital strategy, recognizes the service requirements/needs of dealers and customers, corporate and business unit goals, and gives input to leadership in formulating global concepts, strategies and plans to deliver service solutions.
- Responsibility for all aspects (service offerings, budget, personnel, strategy, execution, etc.) of:
- Connected Asset and Application Security Engineering
- On-premise and Cloud-hosted Security Engineering
- Global Cybersecurity Advisory Services
- Lead a high performing team of internal experts, consultants, and third parties to protect Caterpillar's footprint of digital connected products and services.
- Ensure risk awareness of numerous, simultaneous, significant enterprise projects or implementations.
- Execute and constantly improvement upon Security Assessment service offerings (Ex: Logical Technical Architectures, Third Party Risk Assessments, etc.).
- Developing and maintaining enterprise security policy directives aligned to ISO 27000 series control statements.
- Close collaboration with Compliance (legal, data governance etc.) organization to ensure Cat Digital solutions are complaint
- Prioritization of work efforts and budget to ensure organization is always working on the initiatives that deliver the highest value to the business.
- Consistent improvement and overall lifecycle ownership of organization's service offerings.
- Direct interaction with senior leadership, executive-level reporting, and metrics on operational aspects of the program.
- Maintain current knowledge on relevant internal and industry security frameworks, best practices, and procedures.
- Create, communicate, and execute the vision and strategy for the Cybersecurity Engineering & Advisory division aligned to overall cybersecurity strategy.
- Drive results by setting clear goals and holding team accountable and deal with performance issues and escalations.
- Manage customer or business partner relationships.
The position supervises a work unit of primarily management/professional employees where some review of subordinate work is required as well as training, development and mentoring. The position is responsible for all personnel issues and performance evaluation of subordinates, as well as overall employee satisfaction for the division.
Employee is also responsible for performing other job duties as assigned by Caterpillar management from time to time.
Basic Qualifications:
- Position requires a four-year degree from an accredited college or university.
- 12 years or more of experience in managing software development teams or at least 8 years of experience with master's degree in computer science or related field.
- 10+ years in the IT architecture or information security field with progressing levels of enterprise level accountability
- 5+ years' experience managing and implementing cybersecurity principles and industry frameworks inclusive of security of IT, OT, and/or IoT
- 4+ years' experience in developing, communicating, implementing, and managing large-scale, high profile corporate programs with 2 to 4 year strategic plans
- 4+ years' experience managing a security assessment team that identifies and addresses security non-compliance risks
Top candidates will also have:
- 5 years or more experience in designing and developing software applications in Java or Scala.
- 5 years or more of experience in public cloud technologies such as AWS or Azure.
- Demonstrated leadership on medium to large-scale projects impacting strategic priorities.
- Expert knowledge of cyber security principles and industry frameworks
- Demonstrated ability to develop metrics, perform critical analysis, and develop executive decision support content
- Experience leading security aspects of IoT, Application, digital services, and posture assessment activities
- Industry recognized Cybersecurity Certifications, examples include: GIAC GDSA, GPEN, GWAPT, GICSP, (ISC)2 CISSP
- Experience with most of the following technical cybersecurity domains:
- Core IT Security Architecture & Concepts
- Cloud Security
- IoT and embedded device security principals
- IAM Security
- Logging, Monitoring, and Incident Detection Principals
- Vulnerability identification, remediation, and exploitation techniques for infrastructure and web applications
- Strong understanding and/or experience in many of the following,
- Test driven development and behavior driven development.
- Must demonstrate solid knowledge of computer science fundamentals like data structures and algorithms.
- Proven ability to develop and execute on both operational and strategic initiatives
- Proven performance as a technical strategic decision maker
- Ability to work under pressure and within time constraints.
- Passion for technology and innovation.
This position can be based out of either our Chicago, IL; Peoria, IL or Dallas, TX offices with flexibility for partial remote work from home when we return to office.
EEO/AA Employer. All qualified individuals - Including minorities, females, veterans and individuals with disabilities - are encouraged to apply.
Not ready to apply? Submit your information to our Talent Network here .