DIGITAL SECURITY ARCHITECT
Are you looking for your next big challenge?
Caterpillar is investing in our digital future, and we’re looking for the best security architect for our Digital team. Our iconic products have evolved from mechanical work horses to highly sophisticated, electronically-controlled worksite solutions. This transformation, along with our smart factories and our integrated dealer network, has a wealth of data ready to be leveraged by our customers and our dealers. Think you have what it takes to architect the most secured digital platform to support Caterpillar’s digital revolution?
As a Digital Security Architect, you will be part of building a new cloud centric platform serving a complex eco-system of internal and external applications. You will need insure the end-to end solution is secure, yet able to seamlessly serve up data for application and analytical needs. You will need to leverage sophisticated techniques that ensure the development of our software solutions result in the highest quality for major business and initiatives that directly support the Caterpillar Digital Iron strategy and perform well for millions of Connected & non-connected Assets.
- Have responsibility for end-to-end Platform Security Architecture with a demonstrable level of expertise and capability to deliver secured platform
- Drive the security solution work stream activity for complex use cases and be accountable for the end-to-end technical & service design
- Collaborate with other architects, engineers, and domain SMEs to deliver complete cloud security architectures and solutions
- Ensure that solutions comply with enterprise security governance, compliance and assurance processes and ensure that any necessary functional approvals for the solution are received in accordance with the relevant governance processes (e.g. Security Huddle/STAR process)
- Creation of delivery documentation such as technical requirement design documents and technical component presentations.
- Works closely with enterprise IAM Manager to identify key technical components as required for project requirements and to assist in data access controls in the numerous native cloud technologies.
- Significant experience designing enterprise scale multi hierarchical organization, role base access controls, attribute-based controls and rule set based access control across numerous native cloud services and persistent stores.
- Position requires a four year degree from an accredited college or university.
- 3+ years of experience in Authentication, Authorization, Data entitlements, Data Security
- 5+ years object-oriented programming experience in C# OR Java
- 5+ years of experience as Security Architect
- Bachelor’s degree, preferably in Computer Science, Software Engineering, or any other Engineering field. Additional Security certifications is preferred
- Demonstrated experience defining the security model and implementation strategy for data entitlement access controls across numerous native cloud services and persistent stores
- Attribute based access control
- Role based access control
- Time based access control
- Rule set based access control
- 3+ years of experience with securing cloud centric platforms built from many native components from AWS, Azure, Google Cloud Platform as well as integrating third-party products.
- hands on experience in
- Selecting and setting up IAM, MFA on Cloud Platform
- Establishing 2 way TLS/SSL
- KMS, HSM
- Enabling Application Secret management for enterprise applications
- Defining REST security standards and enable adoption across enterprise
- Defining API security standards
- Cloud based Firewalls and access protection
- Container Registry vulnerability scan and Runtime security
· Knowledge of TCP/IP networking and Cybersecurity concepts
· Knowledge of Cloud security functional specialty or Cyber threats as they relate to Cloud environments
· Experience with infrastructure-as-code automation and tools
- Demonstrated previous experience and effectively influencing others at all levels within the organization.
- Work extensively with Directory Services teams to implement an authentication/authorization solution for application/systems logins.
- Identity Management experience in one or more of the following areas: Single Sign On, Identity Federation, Enterprise Directory Architecture and Design, Resource Provisioning, Role Base Access Control.
- Configuration, Administration & Design experience on the following areas:
- Identity Management
- Access Governance and access Management
- Advanced/Adaptive Authentication
- Privileged Access Management
- Directory Services
- Federated Authentication and Identity Management
- Consumer IAM
Relocation assistance is available for this position.