Risk and Compliance

Bengaluru, India
- Tech Hiring
- 3064464

**Job Description**:
**Caterpillar: Confidential Green**
**Cybersecurity Governance Analyst ? Problem Management**
**JOB DESCRIPTION**:
**Caterpillar?s Cybersecurity Team is seeking a Cybersecurity Governance Analyst (Problem Management Exceptions) to review and work through exception management requests regarding our enterprise cybersecurity policy, standards, and controls. This role will implement robust research and monitoring processes to analyze the context and rationale for security exception requests submitted via our Cybersecurity GRC solutions platform. The role will take appropriate actions (e.g., submit approval requests or escalate) on exceptions to ensure that they are relevant and applicable within the area/topic of assessment or review.**
**The Analyst must have a strong understanding of cybersecurity controls design, implementation, and attestations to validate that policy requirements are being met, establishing, and maintaining relationships with key stakeholders and supporting other Cybersecurity GRC processes as applicable.**
**JOB RESPONSIBILITIES**:
**?**
**Maintain strong knowledge and understanding of Caterpillar?s global operating environment, enterprise cybersecurity landscape as well as the Enterprise Cybersecurity Governance Framework (ECGF) and its inherent components.**
**?**
**Maintain strong knowledge of Caterpillar?s adopted cybersecurity standards, frameworks, and applicable regulatory obligations (e.g., ISO-27001/2, PCI, CMMC, CIS, NYDFS, FFIEC, SWIFT, CTPAT)**
**?**
**Develop and execute a robust monitoring program for security exceptions.**
**?**
**Engage and hold cybersecurity process owners accountable for monitoring their processes in alignment with policy, standards, and controls, providing relevant input/review insights as applicable.**
**?**
**Develop self-assessment programs to validate that security policy, standards and control requirements are satisfied.**
**?**
**Assess new, or changes to existing, exception processes, and follow change management process to make improvements as applicable.**
**?**
**Establish and maintain relationships with key business partners across the organization.**
**?**
**Serve as a liaison in the internal and external audits, provide supporting evidence and assess any identified issues and remediation action plans.**
**Caterpillar: Confidential Green**
**?**
**? Partner with security SMEs and stakeholders across the enterprise in executing exception risk analyses.**
**?**
**? Support annual planning, budgeting, and project implementation activities within the cybersecurity governance function.**
**?**
**? Consistently demonstrate excellent stakeholder collaboration, communication, and customer-oriented skills, and project management capabilities**
**MINIMUM QUALIFICATIONS**:
**?**
**? Bachelor?s degree from an accredited college/university**
**?**
**? At least two (2) relevant cybersecurity certifications (e.g., CISM, CISSP, CCSP, CISA, CRISC, CGEIT, COBIT Foundations)**
**?**
**? 3+ years working with global cybersecurity industry standards, frameworks, and regulatory requirements such as ISO-27001/2, PCI, CMMC, NYDFS, FFIEC, SWIFT, CTPAT**
**?**
**? 3+ years of experience working with the Microsoft Office/O365 Suite**
**?**
**? 3+ years of data management, analysis, transformation, systems workflow modeling and implementation**
**?**
**? Big Four (4), or management/IT consulting experience is a plus.**

Security Compliance and Framework

We are an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, caste, creed, religion, gender, marital status, age, ethnic and national origin, gender identity, gender expression, sexual orientation, political orientation, disability status, protected veteran status, or any other characteristic protected by law.