• Deputy CISO

    Caterpillar, Inc. (East Peoria, IL)


    Career Area:

    Technology, Digital and Data

    Job Description:

    Your Work Shapes the World at Caterpillar Inc.

     

    When you join Caterpillar, you're joining a global team who cares not just about the work we do – but also about each other. We are the makers, problem solvers, and future world builders who are creating stronger, more sustainable communities. We don't just talk about progress and innovation here – we make it happen, with our customers, where we work and live. Together, we are building a better world, so we can all enjoy living in it.

     

    Deputy CISO

     

    IT professionals at Caterpillar get the opportunity to make a global impact that enables profitable growth by responsive IT solutions with operational excellence. We equip the enterprise with the tools and resources that drive collaboration, innovation and solutions that help our customers build a better world.

     

    Supporting the business operations of more than 500 facilities worldwide in more than 190 countries, you will connect every aspect of our business from order management systems that keep our production lines running to ecommerce solutions for customers ordering parts online to collaboration tools that keep us connected as well as securing and protecting our connected assets around the globe.

     

    **Role Definition:** The Deputy Chief Information Security Officer (DCISO) is a senior Caterpillar cybersecurity position. This role requires a highly resourceful, experienced, self-driven individual with the ability to partner, execute, and lead through influence.

    What You Will Do:

    + Report to the Chief Information Security Officer and interact with other Deputy Chief Information Security Officers, Regional Security Directors, Business Risk Management personnel, business unit leadership, department heads and supervisors to enhance security risk management capabilities utilizing effective security risk management practices and tools.

    + Manage and lead the Cybersecurity organization through strategic planning as well as project and program management. This position requires extensive collaboration to ensure the cybersecurity program has appropriately addressed risk, providing dependable, complete, and timely reporting of risk management issues and strategies.

    + Drive strategic initiatives and participate in a wide variety of engagements on behalf of the Cybersecurity team. This role underscores the presumption that secure access to information, data, networks, and operations is critical to achieving enterprise business objectives.

    + Accountability for establishing, executing, and directing the governance, risk, compliance, awareness & learning, and technology & analytics components of the global cybersecurity program to protect Caterpillar's people, proprietary information, plants, products, reputation, and brand.

    + Develop and implement strategic and operational processes that enable business success while mitigating risk.

    + Collaborate closely with other leaders to ensure information assets and associated technology, applications, systems, infrastructure, and processes are adequately protected throughout the digital ecosystem, even when the cybersecurity program may not be responsible for the underlying technology.

    + Contribute to identifying, assessing, and managing security risks in a manner that meets compliance, quality, legal and regulatory requirements, and aligns with and supports the company risk posture. This includes assessing third-party service providers, partners, joint ventures, and acquisitions.

    + The DCISO position assists in establishing and maintaining Caterpillar’s relationship with the information security industry and profession. Building and maintaining relationships are necessary for the successful execution of the cybersecurity program.

    + The DCISO will lead a team of 4-6 senior managers with a team of approximately 50 to 75 Caterpillar personnel and 40 to 60 external consultants.

    + The DCISO provides decision support and governance through informal and formal means, including but not limited to metrics, dashboards, risk analysis and mitigation, acceptance, and reporting.

    + The DCISO will provide the CISO with strategic recommendations and drive strategic initiatives and projects on behalf of the Cybersecurity leadership team.

    Information security strategy and architecture:

    + Providing vision and leadership in the development and execution of an enterprise information security strategy and roadmap, including aligning with enterprise business strategy, gaining executive approval and support, and overseeing successful execution.

    + Developing and maintaining practical and actionable information security policies and standards that reflect the needs of the business while keeping pace with changes in the business environment, technology, industry standards, regulations, and threats to effectively mitigate and manage risk to the business.

    + Developing and implementing policies, procedures and systems required for maintaining and enhancing overall security goals.

    + Providing overall information security services and information security technology infrastructure and data to support critical business and process requirements.

    + Collaborating with other leaders in the creation and maintenance of a security architecture for the enterprise and participating in the solution selection and process development.

    + Ensuring governance and supportive programming for the enterprise in the arena of information classification and categorization as related to risk and information security.

    + Developing information security requirements for information technology infrastructure initiatives and enterprise applications and, as appropriate, reviewing, and approving security design of initiatives.

    + Building and maintaining relationships necessary for the successful execution of the information security program. This includes developing and maintaining external and internal relationships to influence information security policy, standards, and programs, and enhancing secure interoperability with extended entities.

    + Measuring compliance with policy as part of assessing the overall information security risk posture of the enterprise and initiating programs to achieve and maintain an adequate information security posture.

    + Providing regular reports to the CISO and other senior leaders regarding information security risk posture of the enterprise.

    Information security risk management:

    + Consulting in the development of IT strategies for business units as an advisor on information security risks.

    + Identifying areas of potential information security risk within the IT infrastructure and driving mitigation strategies to reduce these risks to acceptable levels.

    + Developing and employing ongoing information security communications, awareness and learning program tailored to the evolving needs of the business and specific requirements of various user groups through change management.

    + Supporting a global information security program to ensure consistent messaging by Segment and Business Units underpinned by respective Enterprise Procedures.

    + Developing close relationships with management of operating groups globally to help evaluate key risks.

    + Leveraging information security investments to enhance business, administration, and compliance processes.

    + Overseeing the acquisition and maintenance of industry certifications including ISO, SOC2, CMMC and others as applicable.

    What You Have:

    Basic Qualifications:

    + Bachelor’s degree in computer science, information systems, engineering, business administration or a related field is required.

    + A minimum of 8 years executive leadership in information security policy, standards, architecture, technology, and programs.

    + Strong understanding of information security and the relationship between threat, vulnerability, and information value in the context of risk management.

    + A proven history of developing and implementing a comprehensive strategy and plan for managing information security internationally is required.

    + An understanding and application of information security in different cultures, working across different countries, and experience in an international environment is required.

    + Experience in a leadership role, high level analytical skills, exceptional relationship management competencies, and relevant project management work experience with a demonstrated record to lead and execute information security compliance and risk mitigation programs.

    Top Candidates Will Also Have:

    + Master’s degree in computer science, information systems, engineering, business administration or a related field is required.

    + At least one or more of the following active certifications: CISA, CISM, CRISC, CISSP or CFE.

    + Other related certifications such as ITIL, PMP, SANS/GSEC, CIPP, CGEIT, CPA/CA.

    + Experience with implementing NIST Cyber Security Framework, CMMC, ISO, SOC2, ISA 62443 and other related standards.

    + Extensive knowledge of company products and policies, organizational units, and strategic direction with demonstrated diversity in thought and skill.

    + Experience with a global company leading organizational change.

    **Additional Info** :

    + The primary locations for this position are Irving, TX, Peoria, IL or Nashville, TN.

    + This role is 5 days onsite.

    + Domestic relocation assistance is available for those who qualify.

    + Sponsorship is **NOT** available.

    What You Will Get:

    + Our goal at Caterpillar is for you to have a rewarding career. Our teams are critical to the success of our customers who build a better world.

    + Here you earn more than just a salary because we value your performance. We offer a total rewards package that provides benefits on day one (medical, dental, vision, RX, and 401K) along with the potential of an annual bonus. Additional benefits include paid vacation days and paid holidays.

    + All qualified individuals - Including minorities, females, veterans, and individuals with disabilities - are encouraged to apply.

     

    About Caterpillar -

     

    Caterpillar Inc. is the world’s leading manufacturer of construction and mining equipment, off-highway diesel and natural gas engines, industrial gas turbines and diesel-electric locomotives. For nearly 100 years, we’ve been helping customers build a better, more sustainable world and are committed and contributing to a reduced-carbon future. Our innovative products and services, backed by our global dealer network, provide exceptional value that helps customers succeed.

    Summary Pay Range:

    $185,400.00 - $278,160.00

     

    Compensation and benefits offered may vary depending on multiple individualized factors, job level, market location, job-related knowledge, skills, individual performance and experience. Please note that salary is only one component of total compensation at Caterpillar.

    Benefits:

    Subject to plan eligibility, terms, and guidelines. This is a summary list of benefits.

     

    + Medical, dental, and vision benefits*

    + Paid time off plan (Vacation, Holidays, Volunteer, etc.)*

    + 401(k) savings plans*

    + Health Savings Account (HSA)*

    + Flexible Spending Accounts (FSAs)*

    + Health Lifestyle Programs*

    + Employee Assistance Program*

    + Voluntary Benefits and Employee Discounts*

    + Career Development*

    + Incentive bonus*

    + Disability benefits

    + Life Insurance

    + Parental leave

    + Adoption benefits

    + Tuition Reimbursement

    * These benefits also apply to part-time employees

    Posting Dates:

    June 9, 2025 - June 23, 2025

     

    Any offer of employment is conditioned upon the successful completion of a drug screen.

     

    Caterpillar is an Equal Opportunity Employer, Including Veterans and Individuals with Disabilities.

     

    Not ready to apply? Join our Talent Community (http://flows.beamery.com/caterpillarinc/talcom) .