**Career Area:** Technology, Digital and Data **Job Description:** **Your Work Shapes the World at Caterpillar Inc.** When you join Caterpillar, you're joining a global team who cares not just about the work we do – but also about each other. We are the makers, problem solvers, and future world builders who are creating stronger, more sustainable communities. We don't just talk about progress and innovation here – we make it happen, with our customers, where we work and live. Together, we are building a better world, so we can all enjoy living in it. **Connected Asset Security Engineer Team Lead** The Team Lead for Connected Asset Security Engineering is responsible for leading a team of engineers in supporting embedded security assessments and the development of Caterpillar product and back-office components. The Team Lead will facilitate the continued adoption and implementation of Connected Asset Security Program processes into Caterpillar NPI processes and software development lifecycles. Additionally, the Team Lead will work with product teams on security by design concepts and remediation activities resulting from security assessments and testing. Finally, the Team Lead will collaborate with the Manager to ensure team activities are performed according to standard operating procedures and requirements. **What You Will Do:** + Lead and mentor a team of Connected Asset Security Engineers. + Collaborate with Manager to provide leadership with strong organizational and people skills, alongside the ability to persuade, influence, lead, motivate others, and meet client expectations. + Perform security assessments on connected asset solutions while influencing business decisions that affect cybersecurity for the next generation of on-board products and solutions. + Work with development teams to provide security guidance and influence the cybersecurity posture of the solution during the development phase. + Document risks and ensure engineering management is aware to make informed decisions when accepting risk. + Coordinate, respond, and execute our cybersecurity strategy for connected assets. + Collaborate with Manager of the team to facilitate daily, weekly, and monthly updates on team metrics and workload. + Ensure team activities are monitored and acted upon in a timely manner based on standard operating procedures and expectations of management and business partners. + Assimilate and prioritize cybersecurity requirements and drive product architecture decisions aligning to the Connected Asset Program. + Participate in the response of customer and industry assessments, workshops, and incidents. + Actively participate in solution attack and penetration test scoping and vulnerability assessments. + Provide periodic internal stakeholder updates and function as the communication focal point for internal engineering team inquiries and presentations. + Provide input and support to solution development teams throughout the product development lifecycle on a variety of connected product security requirements, including, but not limited to, security requirements, secure coding and configuration, software testing, third-party component management, and security defect management. + Lead product development teams through remediation activities resulting from application testing, threat modeling, and attack and penetration testing. + Maintain current industry expert knowledge on modern ICS (Industrial Control Systems) and Cloud security procedures, directives, tools, attack methodologies, directives, secure configuration baselines, and technology controls. + Leverage expertise in application testing, threat modeling, attack and penetration testing, data classification, and data handling. + Function as the SME (Subject Matter Expert) for Product Communication, ICS, and Cloud technologies for embedded device development teams. + Provide connected asset security expertise and leadership in defining and prioritizing Connected Asset Security Programs initiatives. + Actively mentoring and training the rest of the team in Cybersecurity best practices for embedded systems and the Connected Asset Security Program. **What You Have:** + Bachelor’s degree in electrical engineering, Computer Science, or a related field. + Experience in IT, Computer Science, Cybersecurity, or a related field. + Demonstrated ability in mentoring and leading small teams. + Expert experience with cybersecurity threat modeling and mitigation/remediation techniques. + Professional information security certification, SANS GICSP minimum, additional desired. (e.g., CISSP, CSPP, etc.) + Excellent written and verbal communication skills. + Ability to coordinate multiple teams in accomplishing process review and improvement. + Committed to technical learning and continuous education in cybersecurity. + Detailed understanding of ISA/IEC 62443, ISO 27001, and NIST CSF. **Planning: Tactical, Strategic:** + Knowledge of effective planning techniques and ability to contribute to operational (short term), tactical (1-2 years) and strategic (3-5 years) planning in support of the overall business plan. **Communicating Complex Concepts:** + Knowledge of effective presentation tools and techniques to ensure clear understanding; ability to use summarization and simplification techniques to explain complex technical concepts in simple, plain language appropriate to the audience. **Consulting:** + Knowledge of techniques, roles, and responsibilities in providing technical or business guidance to clients, both internal and external; ability to apply consulting knowledge appropriately. **Cybersecurity Standards and Policies:** + Knowledge of developing cybersecurity policies, standards, and procedures; ability to develop and communicate policies, standards and procedures that guide interactions with customers. **Cybersecurity Risk Management:** + Knowledge of tools, techniques, approaches, and processes of cybersecurity risk management; ability to ensure organizational network operation and minimize negative effect by cybersecurity risks. **Information Security Technologies:** + Knowledge of technologies and technology-based solutions dealing with information security issues; ability to protect information security across the organization using encryption technologies and appropriate security software. **Top Candidates will also have:** + **GICSP Certification** + Experience or a passion for cybersecurity technical concepts, secure by design techniques, and industry best practices. + Demonstrated ability in project management and change management. + Experience with the product development processes. + Demonstrated ability to perform critical analysis and develop executive decision support content. + Practical experience with developing enterprise-grade software. + Experience with a wide variety of information security processes and principles, such as vulnerability assessment, risk analysis, defense in depth, SDLC and product development processes, identity and access management, networking concepts (routing, design, TCP/IP), network and endpoint security software, business process design, and web services security. + Some experience with PC or Service Administration in Linux. + Communicating Complex Concepts: Knowledge of effective presentation tools and techniques to ensure clear understanding; ability to use summarization and simplification techniques to explain complex technical concepts in simple, clear language appropriate to the audience. Intermediate knowledge of cloud concepts including virtual machines, containers, Platform-as-a-Service/serverless services, etc. + Familiarity with the ICS organization, autonomy solutions, or telematics. + Ability to adjust to multiple demands, changing priorities, uncertainty, ambiguity, and rapid change, while multitasking effectively. **Additional Info** : + The primary location for this position is Peoria, IL, Irving, TX or Nashville, TN. + **You must be willing to work ONSITE 3 DAYS A WEEK.** + **SPONSORSHIP IS NOT AVAILABLE.** + Relocation is available to those who qualify. **What You Will Get:** + Our goal at Caterpillar is for you to have a rewarding career. Our teams are critical to the success of our customers who build a better world. + Here you earn more than just a salary because we value your performance. We offer a total rewards package that provides benefits on day one (medical, dental, vision, RX, and 401K) along with the potential of an annual bonus. Additional benefits include paid vacation days and paid holidays. + All qualified individuals - Including minorities, females, veterans, and individuals with disabilities - are encouraged to apply. **About Caterpillar -** Caterpillar Inc. is the world’s leading manufacturer of construction and mining equipment, off-highway diesel and natural gas engines, industrial gas turbines and diesel-electric locomotives. For nearly 100 years, we’ve been helping customers build a better, more sustainable world and are committed and contributing to a reduced-carbon future. Our innovative products and services, backed by our global dealer network, provide exceptional value that helps customers succeed. **Final details:** Please frequently check the email associated with your application, including the junk/spam folder, as this is the primary correspondence method. If you wish to know the status of your application – please use the candidate log-in on our career website as it will reflect any updates to your status. **Summary Pay Range:** $144,960.00 - $217,320.00 Compensation and benefits offered may vary depending on multiple individualized factors, job level, market location, job-related knowledge, skills, individual performance and experience. Please note that salary is only one component of total compensation at Caterpillar. **Benefits:** Annual incentive bonus plan* Medical, dental, and vision coverage Paid time off plan (Vacation, Holiday, Volunteer, Etc.) 401k savings plan Health savings account (HSA) Flexible spending accounts (FSAs) Disability benefits Life Insurance Parental leave Healthy Lifestyle Programs Employee Assistance Programs Voluntary Benefits and Employee Discounts Tuition Reimbursement Career Development _*Subject to annual eligibility and incentive plan guidelines_ . **Posting Dates:** February 13, 2025 - February 27, 2025 Any offer of employment is conditioned upon the successful completion of a drug screen. EEO/AA Employer. All qualified individuals - Including minorities, females, veterans and individuals with disabilities - are encouraged to apply. Not ready to apply? Join our Talent Community (http://flows.beamery.com/caterpillarinc/talcom) .