Third-Party Cybersecurity Risk Manager

Third-Party Cybersecurity Risk Manager

When you join Caterpillar, you're joining a global team who cares not just about the work we do – but also about each other. We are the makers, problem solvers, and future world builders who are creating stronger, more sustainable communities. We don't just talk about progress and innovation here – we make it happen, with our customers, where we work and live. Together, we are building a better world, so we can all enjoy living in it.

As a Third-Party Cybersecurity Risk Manager at Caterpillar Inc., you will leverage your expertise in third-party risk practices to strengthen and sustain the enterprise’s Third-Party Cybersecurity Risk Management program. This role requires strong leadership to guide a high-performing team, balance daily operations with continuous improvement, and ensure the integrity of assessment data, processes, and tools. Success in this role depends on excellent communication, cross-functional collaboration, and the ability to manage multiple complex projects while supporting enterprise growth and resilience.

What You Will Do

• Deliver cybersecurity expertise and leadership for the advancement, execution and sustainability of the Third-Party Cybersecurity Risk Management program, processes and supporting tools
• Effectively lead and motivate a team of 4-15 resources to perform to their highest potential by serving as a strong leader and role model
• Effectively balance cyber hygiene, day-to-day operations, incremental improvement, and future-focused projects in a manner which reduces risk and facilitates enterprise efforts to achieve expanded offerings, services growth, and sustainability
• Manage project planning and execution covering project charters, communications, metrics, reporting, and the overall project plan with timelines and deliverables
• Review cybersecurity language within legal contracts to ensure alignment with enterprise requirements
• Establish appropriate goals and objectives for the team in alignment with the Cybersecurity strategy and in support of overall organizational goals
• Foster collaborative working relationships with security stakeholders across Caterpillar and guide the team to provide exceptional customer experience
• Ensure third party assessment data integrity and quality control
• Regularly review and gain insights from data and metrics
• Increase awareness, understanding and integration of the program into enterprise supply chain risk management efforts

What You Have

Caterpillar Inc. seeks candidates with the following qualifications:

• Bachelor’s degree from an accredited institution
• Active, nationally recognized cybersecurity certifications (CTPRP, CISSP, CISM, CRISC)
• Demonstrated ability in leading a team
• Strong knowledge and practical application of third-party risk management concepts (e.g. industry standard TPRM security control questionnaires, SOC2 Type 2, etc.)
• Proven project management experience with multiple concurrent projects
• Ability to adjust to multiple demands, changing priorities, ambiguity, and rapid change, while multitasking effectively
• Process-oriented and strong organizational skills
• Excellent written and verbal communication with ability to explain complex issues to technical and non-technical users across the enterprise
• Strong collaboration and coordination skills
• Strong analytical and critical thinking skills
• Ability to interact effectively with senior management

Top Candidates Will Also Have

• Experience managing a Third-Party Cybersecurity Risk Management program
• Experience in reviewing cybersecurity language in legal contracts
• Experience in the complexities of working in a large global organization
• PMP or other project management certification

Additional Info

• The location for this role is Dallas TX, Nashville, TN or Peoria, IL.
• Relocation assistance is available.
• This role requires 5 days onsite.
• Sponsorship is NOT available.

Skills Descriptors

• Planning: Knowledge of effective planning techniques and ability to contribute to operational (short term), tactical (1-2 years) and strategic (3-5 years) planning in support of the overall business plan.
• Talent Management: Knowledge of the critical competencies required to achieve intended results; ability to generate consistent approaches for hiring, selection, retaining and leveraging talent across the organization.
• Team Management: Knowledge of effective team building techniques; ability to form and manage effective teams.
• Information Technology (IT) Security Policies: Knowledge of IT security policies, standards, and procedures; ability to utilize a variety of administrative skill sets and technical knowledge to ensure cyber security compliance.
• Cyber Security: Knowledge of network attacks and the defenses used; ability to defend and prevent electronic threats, theft, and attacks.

What You Will Get

Our goal at Caterpillar is for you to have a rewarding career. Our teams are critical to the success of our customers who build a better world. Here you earn more than just a salary because we value your performance. We offer a total rewards package that provides benefits on day one (medical, dental, vision, RX, and 401K) along with the potential of an annual bonus. Additional benefits include paid vacation days and paid holidays.

Key skills/competency

• Third-Party Risk Management
• Cybersecurity Program Management
• Team Leadership
• Project Planning & Execution
• Contract Review
• Data Integrity & Quality Control
• Supply Chain Risk
• Cyber Hygiene
• Communication Skills
• Analytical Skills