Application Security
hace 1 semana
Your Work Shapes the World at Caterpillar Inc.
When you join Caterpillar, you're joining a global team who cares not just about the work we do – but also about each other. We are the makers, problem solvers, and future world builders who are creating stronger, more sustainable communities. We don't just talk about progress and innovation here – we make it happen, with our customers, where we work and live. Together, we are building a better world, so we can all enjoy living in it.
We are seeking an Application Security (Appsec) developer to join our world-class cybersecurity team. This role will work with other cybersecurity professionals as well as IT partners to advocate for and create security solutions for the development of software and other technologies.
Career Area: Business Technologies, Digital and Data
Job Description:
Responsibilities:DAST Scan Review and Triage:
- Conduct in-depth reviews of DAST scan findings to identify and prioritize potential vulnerabilities.
- Manually reproduce and retest vulnerabilities to validate their existence and severity.
- Provide expert consulting to IT partners on remediation strategies and risk mitigation measures.
SAST Scan Review and Triage:
- Conduct in-depth reviews of SAST scan findings, particularly those generated using GitHub CodeQL.
- Analyze source code for vulnerabilities and provide recommendations for remediation.
- Collaborate with development teams to address SAST findings and improve code quality.
Vulnerability Exploitation and Demonstration:
- Manually exploit identified vulnerabilities to demonstrate their impact and risk to application owners.
- Ensure compliance with Enterprise Security Policies and Directives, including OWASP Top 10, SANS 25 software flaws, and other vulnerabilities.
DAST Tool Configuration and Support:
- Configure and tune the Enterprise DAST scanning tool to optimize its effectiveness.
- Assist IT application owners in running self-service DAST scans on their applications.
Vulnerability Prioritization and Remediation:
- Regularly review DAST scans and prioritize vulnerabilities based on risk and impact.
- Collaborate with IT partners to drive remediation efforts and meet required metrics thresholds.
Technical Education and Awareness:
- Provide technical education to IT application owners on web application vulnerabilities, their causes, and mitigation techniques.
- Document and report DAST scan findings to business and IT stakeholders.
DAST Program Development and Support:
- Contribute to the development and evolution of the DAST scanning program.
- Provide awareness, education, and guidance on DAST tools and best practices.
Cross-Functional Collaboration:
- Collaborate with Corporate Security partners and other teams to ensure effective security practices.
- Provide backup support for SAST scanning operations and firewall rule requests.
Automation and Tool Development:
- Develop automated software solutions and applications to improve efficiency and streamline security processes.
- Bachelor's degree in Computer Science, Information Technology, or related field or equivalent experience
- 5+ years previous cumulative Information Technology and/or Cybersecurity experience
- 3+ years experience developing software in at least one or more of the following disciplines: JavaScript, .Net Core, C#, CSS, Python, Java, Bootstrap, Git
- 3+ years experience utilizing databases such as SQL or cloud native databases
- Knowledge of secure web application architecture patterns and common vulnerabilities (OWASP Top 10)
- Familiar with access control systems, network security, or cryptography
- Previous experience with DAST/SAST scanning tools
- Active CISSP Certification or relevant industry certifications
- Previous experience with Risk Management frameworks
- Previous experience with Threat Model Assessments
- Previous experience with Project Management (Waterfall, Agile, etc.)
- Strong analytical and problem-solving skills
- Excellent oral and written communication skills
- Ability to work independently and in a team environment
- Experience in developing software using UX/UI design principles
- Experience in RESTful API design and implementation
- Experience in cloud software development and security
Consulting: Knowledge of techniques, roles, and responsibilities in providing technical or business guidance to clients, both internal and external; ability to apply consulting knowledge appropriately.
Cybersecurity Risk Management: Knowledge of tools, techniques, approaches and processes of cybersecurity risk management; ability to ensure organizational network operation and minimize negative effect by cybersecurity risks.
Information Security Technologies: Knowledge of technologies and technology-based solutions dealing with information security issues; ability to protect information security across the organization using encryption technologies and appropriate security software.
Information Technology (IT) Security Policies: Knowledge of IT security policies, standards, and procedures; ability to utilize a variety of administrative skill sets and technical knowledge to ensure cyber security compliance.
System and Technology Integration: Knowledge of the features and facilities of systems; ability to integrate and communicate among applications, databases and technology platforms.
Posting Dates: October 30, 2024 - November 8, 2024
Caterpillar is an Equal Opportunity Employer (EEO).
#J-18808-Ljbffr-
Application Security
hace 3 semanas
baja california, México Solar Turbines A tiempo completoCareer Area: Business Technologies, Digital and Data Job Description: Your Work Shapes the World at Caterpillar Inc. When you join Caterpillar, you're joining a global team who cares not just about the work we do – but also about each other. We are the makers, problem solvers, and future world builders who are creating stronger, more sustainable...
-
Senior Product Security Engineer
hace 3 semanas
baja california, México Thermo Fisher Scientific A tiempo completoThermo Fisher Scientific Inc. (NYSE: TMO) is the world leader in serving science, with annual revenue of approximately $40 billion. Our Mission is to enable our customers to make the world healthier, cleaner and safer. Whether our customers are accelerating life sciences research, solving sophisticated analytical challenges, improving patient diagnostics and...
-
Senior Product Security Engineer
hace 4 semanas
baja california, México Thermo Fisher Scientific A tiempo completoWork Schedule Standard (Mon-Fri) Environmental Conditions Office Job Description About Thermo Fisher Scientific Thermo Fisher Scientific Inc. (NYSE: TMO) is the world leader in serving science, with annual revenue of approximately $40 billion. Our Mission is to enable our customers to make the world healthier, cleaner and safer. Whether our...
-
Product Security Engineer II
hace 4 semanas
baja california, México Thermo Fisher Scientific A tiempo completoWork Schedule Other Environmental Conditions Office Job Description As part of the Thermo Fisher Scientific team, you’ll discover meaningful work that makes a positive impact on a global scale. Join our colleagues in bringing our Mission to life every day to enable our customers to make the world healthier, cleaner, and safer. We provide our global...
-
Staff Engineer, Software
hace 4 semanas
baja california, México Thermo Fisher Scientific A tiempo completoWork Schedule Standard (Mon-Fri) Environmental Conditions Office Job Description Thermo Fisher Scientific Inc. is seeking a highly skilled and experienced Staff Engineer, Software to join our world-class Engineering team. As a global leader in serving science, Thermo Fisher Scientific Inc. is dedicated to enabling our customers to make the world...
-
Staff Engineer, Software
hace 1 semana
baja california, México ThermoFisher Scientific A tiempo completoThermoFisher Scientific Staff Engineer, Software in Tijuana, Mexico Work Schedule: Standard (Mon-Fri) Environmental Conditions: Office Job Description: Thermo Fisher Scientific Inc. is seeking a highly skilled and experienced Staff Engineer, Software to join our world-class Engineering team. As a global leader in serving science, Thermo Fisher Scientific...
-
Application Solution Eng I, MRQ
hace 1 semana
baja california, México Integer Holdings Corporation A tiempo completoBy living according to a common set of values, we create a culture that unifies, embraces the uniqueness we all bring to the company, and positions Integer for long-term success. At Integer, our values are embedded in everything we do. Values Customer: We focus on our customers’ success. Innovation: We create better solutions. Collaboration: We create...
-
Cloud Engineer
hace 1 semana
baja california, México Teradata A tiempo completoWhat You’ll Do: The Cloud Engineer manages Teradata’s as-a-service offering in the public cloud (AWS/Azure/GCP). The successful candidate will have delivery responsibilities in cloud network administration, security administration, deployment, provisioning, environment optimization, third-party software support, on-premise to cloud migration support for...
-
DevOps Engineer
hace 1 semana
baja california, México SRAX Inc. A tiempo completoAt SRAX, we have 5 core values; Energetic, Positive, Ownership, Collaboration, and Creativity. All of them are equally important and if you are someone that shares these values with us, please keep reading! About the position We are seeking an experienced DevOps Engineer (Contractor) to join our technical team. This role is pivotal in bridging the gap...
-
Cloud Engineer
hace 1 semana
baja california, México Teradata Group A tiempo completoWhat You’ll Do The Cloud Engineer manages Teradata’s as-a-service offering in the public cloud (AWS/Azure/GCP). The successful candidate will have delivery responsibilities in cloud network administration, security administration, deployment, provisioning, environment optimization, third-party software support, On-premise to Cloud migration support for...
-
MRQ Solutions Engineer CMMS
hace 6 días
baja california, México Integer A tiempo completoBy living according to a common set of values, we create a culture that unifies, embraces the uniqueness we all bring to the company, and positions Integer for long-term success. At Integer, our values are embedded in everything we do: Customer: We focus on our customers’ success. Innovation: We create better solutions. Collaboration: We create success...
-
Software Engineer
hace 4 días
baja california, México Trimble A tiempo completoJob Title: Full Stack Developer Your location: Mexicali, Mexico Our Division: Trimble - Viewpoint Are you passionate about developing software with the quality necessary to deliver on the most demanding customer requirements? About the Role Viewpoint is looking for a software developer for its “Team Project Communications” product platform team...
-
Principal Project Engineer
hace 3 semanas
baja california, México Cardinal Health A tiempo completoWhat Engineering Program/Project Management contributes to Cardinal Health Job Description Define, validate, maintain and document manufacturing processes with optimal use of resources ensuring the level of quality, productivity and minimizing waste (scrap), continuously improving the capacity of processes to meet specifications. Define compliance dates for...
-
Engineer III, Software Quality Assurance
hace 4 semanas
baja california, México Thermo Fisher Scientific A tiempo completoWork Schedule Standard (Mon-Fri) Environmental Conditions Office Job Description Position Summary: This is a hands-on Software Quality Assurance position that will be responsible for the testing and the end quality of a variety of applications. The candidate for this position will work in an Agile environment with development, Project Management and...
-
Principal Project Engineer
hace 3 semanas
baja california, México Cardinal Health A tiempo completoWhat Engineering Program/Project Management contributes to Cardinal Health Job Description Define, validate, maintain and document manufacturing processes with optimal use of resources ensuring the level of quality, productivity and minimizing waste (scrap), continuously improving the capacity of processes to meet specifications. Define compliance dates...
-
Software Development Engineer in Test
hace 3 semanas
baja california, México Trimble A tiempo completoTitle: Software Development Engineer in Test (SDET) 2 Job Location:Mexicali, Mexico Our Department:Trimble Platform Our Business Segment: Architecture, Engineering, Construction & Owner (AECO) Trimble has an opening for a Software Developer Engineer in Test (SDET) Level II position in Mexicali, Mexico. This is an exciting time to join as we...
-
IT Integration Technical Lead
hace 3 días
baja california, México Bose Corporation A tiempo completoYou know the moment. It’s the first notes of that song you love, the intro to your favorite movie, or simply the sound of someone you love saying “hello.” It’s in these moments that sound matters most.At Bose, we believe sound is the most powerful force on earth. We’ve dedicated ourselves to improving it for nearly 60 years. And we’re passionate...
-
IT Engineer I
hace 3 semanas
baja california, México Envista Holdings A tiempo completoJob Description: Provides IT support for all internal employees at Envista locations globally and local support. Ensures that all supports are logged, resolved, or are forwarded to the proper group for resolution. Responsible for PC configurations, imaging, ongoing system updates and maintenance. LAN/WAN network troubleshooting, and vendor coordination....
-
Software Development Engineer in Test
hace 4 semanas
baja california, México Outset Medical A tiempo completoCompany Overview Join us for an enriching journey with Outset, a trailblazing medical device company that is revolutionizing the field of dialysis. Our focus is to create one high performing team, obsessed with progress, in an atmosphere that is brimming with transformative opportunities. The heart of our mission is pioneering a groundbreaking technology...