GRC Security Specialist

This job posting is no longer active.

Location: Chicago, IL, United States
Date Posted: Feb 29, 2020

Job Description


Cybersecurity is embedded in everything we do at Caterpillar, from the core IT systems used by tens of thousands of Caterpillar employees and business partners, deployed on premises or within a cloud provider, to the products and machinery that we sell to our customers. The Cybersecurity organization has undergone a major transformation, and we are seeking the right talent to join the team.

The Risk Analysis Lead will manage and directly contribute to data-driven information security risk analysis efforts and related processes. The chosen candidate will collaborate with business partners to scope and execute the analysis and communicate the results to leadership. 


Develop, apply and maintain Factor Analysis of Information Risk (FAIR)-based models, standard analysis scenarios and risk quantification tools/techniques

Scope and facilitate risk quantification meetings and working group sessions

Communicate results of analysis to process partners and leadership 

Engage with business partners to have meaningful discussions on threats, compensating controls, policies and risk

Implement, maintain, and guide assessors and business partners in the use of a risk triage process

Develop and deliver both formal and informal risk quantification/FAIR training and socialization efforts

Establish, develop and manage key partnerships

Support risk reporting dashboards for cybersecurity and business partner leadership

Participate in risk management efforts and support the Governance, Risk and Compliance team


Required Qualifications:

Bachelor's (4-year) degree in Cybersecurity, Information Security, Computer Science, Management Information Systems, Business or a related field

6+ years of experience in Cybersecurity or Information Technology

3+ years of risk quantification and/or risk management experience

At least one of the following active certifications or ability and willingness to obtain within one year: CISSP, CISA, CISM, CRISC

3+ years of experience in Microsoft O365 products

Ideal Candidate Will Also Have:

Subject matter expertise in risk quantification, management, governance and development of risk appetite

OpenFAIR certification

Experience in applying FAIR methodology

Baseline knowledge of Governance, Risk and Compliance (GRC) concepts

Excellent collaboration and relationship-building skills

Excellent analytical and critical thinking skills

Excellent written and verbal communication skills; ability to present to senior leadership

Focus on quality and attention to detail; strong organizational skills

If remote, the employee will be onsite 75% of the time for the first 6 months. After 6 months, travel will be up to 25%. If the employee is located in Peoria, travel will be up to 10%.

Caterpillar is not currently hiring individuals for this position who now or in the future require sponsorship for employment visa status; however, as a global company, Caterpillar offers many job opportunities outside of the U.S. which can be found through our employment website at

