CybersecurityAnalyst

Career Area:

Technology, Digital and Data

Job Description:

Your Work Shapes the World at Caterpillar Inc.

When you join Caterpillar, you're joining a global team who cares not just about the work we do - but also about each other. We are the makers, problem solvers, and future world builders who are creating stronger, more sustainable communities. We don't just talk about progress and innovation here - we make it happen, with our customers, where we work and live.

Together, we are building a better world, so we can all enjoy living in it.

Cybersecurity Analyst

Role Definition:

The SOC (Security Operations Center) is a critical component of CSIRT (Cyber Security Incident Response Team). Lead analysts in the SOC are responsible for the continuous monitoring and response to security alerts and events that occur within Caterpillar's global network. This includes investigating Malware alerts, Phishing emails, anomalous activity, and anomalous network traffic and includes taking necessary action to remediate or escalate these events in support of incident response activities.

What You Will Do:

* Monitor security events across cloud and on‑premise environments to identify potential threats, suspicious activity, and policy violations.

* Investigate alerts generated by SIEM and other security tools, performing triage and initial analysis to determine severity and impact.

* Analyze authentication activity, access patterns, and system logs to detect anomalies and indicators of compromise.

* Lead analysts serve as a primary escalation point for SOC analysts and support incident response activities by gathering data, enriching alerts, and assisting with containment and remediation efforts.

* Leverage threat intelligence and the MITRE ATT&CK framework to understand attacker behaviors and improve response efforts.

* Assist in tuning and maintaining SIEM use cases and alerting rules to improve detection quality and reduce false positives.

* Collaborate with internal teams to escalate issues and improve overall security posture.

* Document investigations, findings, and procedures in a clear and consistent manner.

* Participate in continuous improvement efforts, including playbook updates and SOC process refinement.

* Provide support as part of a rotating on‑call schedule for high-priority alerts and incidents.

What You Have:

* Experience working in a Security Operations Center (SOC) or similar role within a mid-to-large enterprise environment with distributed infrastructure.

* Direct experience with enterprise SIEM platforms, including alert triage, log analysis, and developing queries across diverse and high-volume data sources.

* Solid understanding of incident response operations, including investigating alerts, supporting containment and remediation efforts, and documenting findings.

* Experience analyzing security events across cloud and on-premise environments, including authentication activity, endpoint telemetry, and network/system logs.

* Familiarity with threat detection concepts, including applying cyber threat intelligence and frameworks such as MITRE ATT&CK during investigations and alert analysis.

* Experience investigating a wide range of security incidents, including phishing, malware, credential misuse, and infrastructure-related threats.

* Exposure to operating in high-volume environments, with the ability to effectively analyze and prioritize large numbers of alerts and log data.

* Working knowledge of detection tuning and contributing to improvements in SIEM rules, alert fidelity, and SOC workflows

* Strong analytical, problem-solving, and investigative skills, with the ability to identify patterns and assess potential threats.

* Effective communication and documentation skills, with the ability to clearly convey technical findings and collaborate across SOC, engineering, and incident response teams.

Skills Descriptors:

* Communication:
Clearly documents investigations and communicates findings to team members and stakeholders

* Collaboration:

Works effectively within SOC teams and cross-functional groups

* Adaptability:
Responds to evolving threats, tools, and operational priorities

* Problem-Solving:
Analyzes security alerts and determines appropriate actions

* Curiosity:
Demonstrates interest in learning new threats, tools, and detection techniques

* Attention to Detail:
Thoroughly reviews data to ensure accurate analysis and escalation.

* Coachability:
Open to feedback and continuous professional development

Additional Info:

* The primary location for this position is Peoria, IL, Irving, TX or Nashville, TN.

* You must be willing to work 5 days ONSITE.

* SPONSORSHIP IS NOT AVAILABLE.

* Relocation is available for qualified candidates.

What You Will Get:

* Our goal at Caterpillar is for you to have a rewarding career. Our teams are critical to the success of our customers who build a better world.

* Here you earn more than just a salary because we value your performance. We offer a total rewards package that provides benefits on day one…