Application Security

3 weeks ago

Baja California, México · Solar Turbines · Full-time

Your Work Shapes the World at Caterpillar Inc.

When you join Caterpillar, you're joining a global team who cares not just about the work we do – but also about each other. We are the makers, problem solvers, and future world builders who are creating stronger, more sustainable communities. We don't just talk about progress and innovation here – we make it happen, with our customers, where we work and live. Together, we are building a better world, so we can all enjoy living in it.

We are seeking an Application Security (Appsec) developer to join our world-class cybersecurity team. This role will work with other cybersecurity professionals as well as IT partners to advocate for and create security solutions for the development of software and other technologies.

Career Area: Business Technologies, Digital and Data

Job Description:

Responsibilities:

DAST Scan Review and Triage:

  • Conduct in-depth reviews of DAST scan findings to identify and prioritize potential vulnerabilities.
  • Manually reproduce and retest vulnerabilities to validate their existence and severity.
  • Provide expert consulting to IT partners on remediation strategies and risk mitigation measures.

SAST Scan Review and Triage:

  • Conduct in-depth reviews of SAST scan findings, particularly those generated using GitHub CodeQL.
  • Analyze source code for vulnerabilities and provide recommendations for remediation.
  • Collaborate with development teams to address SAST findings and improve code quality.

Vulnerability Exploitation and Demonstration:

  • Manually exploit identified vulnerabilities to demonstrate their impact and risk to application owners.
  • Ensure compliance with Enterprise Security Policies and Directives, including OWASP Top 10, SANS 25 software flaws, and other vulnerabilities.

DAST Tool Configuration and Support:

  • Configure and tune the Enterprise DAST scanning tool to optimize its effectiveness.
  • Assist IT application owners in running self-service DAST scans on their applications.

Vulnerability Prioritization and Remediation:

  • Regularly review DAST scans and prioritize vulnerabilities based on risk and impact.
  • Collaborate with IT partners to drive remediation efforts and meet required metrics thresholds.

Technical Education and Awareness:

  • Provide technical education to IT application owners on web application vulnerabilities, their causes, and mitigation techniques.
  • Document and report DAST scan findings to business and IT stakeholders.

DAST Program Development and Support:

  • Contribute to the development and evolution of the DAST scanning program.
  • Provide awareness, education, and guidance on DAST tools and best practices.

Cross-Functional Collaboration:

  • Collaborate with Corporate Security partners and other teams to ensure effective security practices.
  • Provide backup support for SAST scanning operations and firewall rule requests.

Automation and Tool Development:

  • Develop automated software solutions and applications to improve efficiency and streamline security processes.

Minimum Qualifications:

  • Bachelor's degree in Computer Science, Information Technology, or related field or equivalent experience
  • 5+ years of previous cumulative Information Technology and/or Cybersecurity experience
  • 3+ years of experience developing software in one or more of the following disciplines: JavaScript, .Net Core, C#, CSS, Python, Java, Bootstrap, Git
  • 3+ years of experience utilizing databases such as SQL or cloud native databases

Preferred Qualifications:

  • Knowledge of secure web application architecture patterns and common vulnerabilities (OWASP Top 10)
  • Familiar with access control systems, network security, or cryptography
  • Previous experience with DAST/SAST scanning tools
  • Active CISSP Certification or relevant industry certifications
  • Previous experience with Risk Management frameworks
  • Previous experience with Threat Model Assessments
  • Previous experience with Project Management (Waterfall, Agile, etc.)
  • Strong analytical and problem-solving skills
  • Excellent oral and written communication skills
  • Ability to work independently and in a team environment
  • Experience in developing software using UX/UI design principles
  • Experience in RESTful API design and implementation
  • Experience in cloud software development and security

Skill Descriptors

Consulting: Knowledge of techniques, roles, and responsibilities in providing technical or business guidance to clients, both internal and external; ability to apply consulting knowledge appropriately.

Cybersecurity Risk Management: Knowledge of tools, techniques, approaches and processes of cybersecurity risk management; ability to ensure organizational network operation and minimize the negative effects of cybersecurity risks.

Information Security Technologies: Knowledge of technologies and technology-based solutions dealing with information security issues; ability to protect information security across the organization using encryption technologies and appropriate security software.

Information Technology (IT) Security Policies: Knowledge of IT security policies, standards, and procedures; ability to utilize a variety of administrative skill sets and technical knowledge to ensure cyber security compliance.

System and Technology Integration: Knowledge of the features and facilities of systems; ability to integrate and communicate among applications, databases and technology platforms.

Posting Dates: October 30, 2024 - November 8, 2024

Caterpillar is an Equal Opportunity Employer (EEO).
