What you'd actually do

Conduct proactive threat hunting across Cloud and On‑Prem enterprise environments to identify malicious activity, anomalies, and emerging threats.

Perform in‑depth investigations using SIEM technologies, leveraging strong query and analysis skills to detect adversary behaviors and indicators of compromise.

Analyze authentication flows, access patterns, and system telemetry to uncover potential compromise or advanced attacker techniques.

Utilize cyber threat intelligence, the MITRE ATT&CK framework, and emerging threat research to inform hunting strategies and detection engineering.

Investigate and respond to high‑impact security incidents, collaborating closely with CSIRT and cross‑functional teams to contain and remediate threats.

Skills

Required

Threat hunting methodologies
SIEM platforms (querying, tuning)
Incident response
Cyber threat intelligence
MITRE ATT&CK framework
Cloud and on-premises security
Detection engineering
Log analysis
Communication skills
Collaboration skills

Nice to have

Mentoring junior analysts
Offensive security knowledge

What the JD emphasized

Extensive experience operating in a large‑scale, global enterprise cybersecurity environment with complex, distributed infrastructure.

Advanced threat hunting experience across hybrid environments, including cloud and on‑premises ecosystems, with a strong command of threat hunting methodologies, cyber threat intelligence, and practical application of the MITRE ATT&CK framework to drive hypothesis‑based hunts.

Expert‑level understanding of incident response operations, including leading investigations, containment and remediation efforts, root cause analysis, and post‑incident improvements.

Significant experience with enterprise‑grade SIEM platforms, including authoring complex queries, tuning detections at scale, and analyzing high‑volume, diverse telemetry sources.

Demonstrated experience developing, validating, tuning, and maintaining detections derived from threat hunting findings and real‑world adversary activity.

Career Area:

Technology, Digital and Data

Job Description:

**Your Work Shapes the World at Caterpillar Inc. **

When you join Caterpillar, you're joining a global team who cares not just about the work we do – but also about each other. We are the makers, problem solvers, and future world builders who are creating stronger, more sustainable communities. We don't just talk about progress and innovation here – we make it happen, with our customers, where we work and live. Together, we are building a better world, so we can all enjoy living in it.

Senior Cybersecurity Specialist

What You Will Do:

Conduct proactive threat hunting across Cloud and On‑Prem enterprise environments to identify malicious activity, anomalies, and emerging threats.
Perform in‑depth investigations using SIEM technologies, leveraging strong query and analysis skills to detect adversary behaviors and indicators of compromise.
Analyze authentication flows, access patterns, and system telemetry to uncover potential compromise or advanced attacker techniques.
Utilize cyber threat intelligence, the MITRE ATT&CK framework, and emerging threat research to inform hunting strategies and detection engineering.
Investigate and respond to high‑impact security incidents, collaborating closely with CSIRT and cross‑functional teams to contain and remediate threats.
Partner with SIEM administrators, vendors, and offensive cybersecurity teams to enhance threat visibility and detection capabilities.
Develop and maintain detection logic, contributing to the full detection development lifecycle and identifying opportunities for detection improvements.
Apply offensive knowledge to strengthen hunting methodologies and validate detection coverage.
Document findings, investigations, and procedures with strong writing, communication, and operational discipline.
Support continuous improvement efforts, including planning, operational procedure refinement, and readiness activities within the CSIRT.
Provide after‑hours support as part of a rotating on‑call schedule, including responding to high‑priority alerts and security incidents.

What You Have:

Extensive experience operating in a large‑scale, global enterprise cybersecurity environment with complex, distributed infrastructure.
Advanced threat hunting experience across hybrid environments, including cloud and on‑premises ecosystems, with a strong command of threat hunting methodologies, cyber threat intelligence, and practical application of the MITRE ATT&CK framework to drive hypothesis‑based hunts.
Expert‑level understanding of incident response operations, including leading investigations, containment and remediation efforts, root cause analysis, and post‑incident improvements.
Significant experience with enterprise‑grade SIEM platforms, including authoring complex queries, tuning detections at scale, and analyzing high‑volume, diverse telemetry sources.
Demonstrated experience developing, validating, tuning, and maintaining detections derived from threat hunting findings and real‑world adversary activity.
Strong documentation, communication, and collaboration skills, with the ability to clearly convey complex technical findings, influence stakeholders, and work effectively across SIEM administrators, security vendors, engineering teams, CSIRT, and executive leadership.
Experience mentoring or guiding other analysts or hunters, contributing to the maturity and effectiveness of the overall threat detection and response program.

Skills Descriptors:

Communicating Complex Concepts: Ability to clearly articulate complex threat scenarios, detection logic, and investigation results in concise, audience‑appropriate language.
Consulting: Experience providing technical guidance and security expertise to internal partners, vendors, or cross‑functional teams.
Cybersecurity Standards and Policies: Knowledge of developing, interpreting, and applying cybersecurity policies, standards, and procedures across diverse operational environments.
Adaptability: Comfort adapting to new cybersecurity challenges, emerging threats, and evolving technologies.
Collaboration: Works effectively with SOC, engineering, offensive security, vendors, and leadership teams.
Problem‑Solving: Demonstrated ability to identify, analyze, and resolve advanced cybersecurity issues and attacker behaviors.
Coachability: Ability to coach team members while remaining open to receiving coaching and constructive feedback.
Curiosity: A persistent desire to explore new attack vectors, emerging threat techniques, and innovative detection strategies.
Goal-Driven: A results‑focused mindset centered on improving defenses, maturing detection capabilities, and driving measurable cybersecurity outcomes.

Additional Info:

The primary locations for this position are Dallas, TX, East Peoria, IL, or Nashville TN.
5 days onsite is MANDATORY.
Sponsorship is NOT available.
Relocation is available.

About Caterpillar -

Caterpillar Inc. is the world’s leading manufacturer of construction and mining equipment, off-highway diesel and natural gas engines, industrial gas turbines and diesel-electric locomotives. For nearly 100 years, we’ve been helping customers build a better, more sustainable world and are committed and contributing to a reduced-carbon future. Our innovative products and services, backed by our global dealer network, provide exceptional value that helps customers succeed.

Summary Pay Range:

$128,470.00 - $208,770.00

Compensation and benefits offered may vary depending on multiple individualized factors, job level, market location, job-related knowledge, skills, individual performance and experience. Please note that salary is only one component of total compensation at Caterpillar.

Benefits:

Subject to plan eligibility, terms, and guidelines. This is a summary list of benefits.

Medical, dental, and vision benefits*
Paid time off plan (Vacation, Holidays, Volunteer, etc.)*
401(k) savings plans*
Health Savings Account (HSA)*
Flexible Spending Accounts (FSAs)*
Health Lifestyle Programs*
Employee Assistance Program*
Voluntary Benefits and Employee Discounts*
Career Development*
Incentive bonus*
Disability benefits
Life Insurance
Parental leave
Adoption benefits
Tuition Reimbursement

These benefits also apply to part-time employees

This position requires working onsite five days a week.

Relocation is available for this position.

Visa Sponsorship is not available for this position.

Posting Dates:

May 7, 2026 - May 17, 2026

Any offer of employment is conditioned upon the successful completion of a drug screen.

Caterpillar is an Equal Opportunity Employer, Including Veterans and Individuals with Disabilities. Qualified applicants of any age are encouraged to apply.

Not ready to apply? Join our Talent Community.