IT Analyst Applications Vulnerability Management Analyst

Career Area:

Job Description:

Your Work Shapes the World at Caterpillar Inc.

When you join Caterpillar yourejoining a global team who cares not just about the work we do but also about each other. We are the makers problem solvers and future world builders who are creating stronger more sustainable communities. We dontjust talk about progress and innovation here we make it happen with our customers where we work and live. Together we are building a better world so we can all enjoy living in it.

About Caterpillar

Caterpillar Inc. is the worlds leading manufacturer of construction and mining equipment off-highway diesel and natural gas engines industrial gas turbines and diesel-electric locomotives.

For nearly 100 years weve been helping customers build a better more sustainable world and are committed and contributing to a reduced-carbon future. Our innovative products and services backed by our global dealer network provide exceptional value that helps customers succeed.

Your Impact Shapes the World at Caterpillar Inc

When you join Caterpillar youre joining a global team who cares not just about the work we do but also about each other. We are the makers problem solvers and future world builders who are creating stronger more sustainable communities. We dont just talk about progress and innovation here we make it happen with our customers where we work and live. Together we are building a better world so we can all enjoy living in it.

Job Summary

We are seeking a skilled IT Analyst Applications - Vulnerability Management Analyst to join India Cybersecurity Support -CAT IT Division.

The preference for this role is to be based out of Bangalore Caterpillar PSN

What you will do

The Vulnerability Management Analyst is responsible for monitoring tracking and driving remediation of critical security vulnerabilities that have exceeded the organizations SLA remediation window. This role leverages ServiceNow reporting and workflow capabilities to identify overdue vulnerabilities assign or reassign ownership and coordinate directly with technical teams to obtain remediation or deferral dates. The analyst will consolidate findings into clear actionable reporting and deliver regular presentations to leadership.

ServiceNow Reporting & Ticket Management

• Run scheduled and adhoc reports from ServiceNow Vulnerability Response dashboards to identify critical vulnerabilities older than 30 days.
• Review and validate the accuracy of vulnerability records assignment groups and ticket metadata.
• Determine the appropriate ticket assignee based on asset ownership assignment group rules or escalation paths.
• Create or update tickets as needed to ensure correct routing and accountability.

Stakeholder Coordination & Communication

• Contact ticket assignees via chat to gather remediation timelines or deferral requests.
• Follow up consistently to ensure timely responses and maintain an audit trail of communication within ServiceNow.
• Engage with system owners engineering teams and operations personnel to clarify remediation requirements.
• Escalate overdue or unresponsive items to management when required.

Data Analysis & Reporting

• Export vulnerability data into spreadsheets and organize it into clear structured metrics (e.g. number of overdue vulnerabilities trends ownership gaps recurring issues).
• Analyze ticket patterns to identify systemic issues process gaps or areas where tooling or workflows need improvement.
• Maintain an uptodate tracking spreadsheet for leadership review.

Leadership Presentations

• Build clean concise PowerPoint presentations summarizing:
  • Current overdue vulnerability counts
  • Responsible teams and owners
  • Remediation timelines
  • Highrisk issues and blockers
  • Trends and recommendations
• Present findings during weekly leadership meetings clearly articulating risks and required actions.

What you will have

• 13 years of experiencein cybersecurity IT operations risk management or a related technical field.
• Familiarity withServiceNow especially Vulnerability Response or ITSM modules.
• Basic understanding of vulnerability management concepts (CVSS asset criticality remediation workflows).
• Strong communication skills particularly in coordinating with technical teams.
• Proficiency withExcel(sorting pivot tables lookups) andPowerPoint.
• Ability to work independently prioritize urgent issues and manage multiple tasks simultaneously.
• This position requires candidate to work a 5-day -a -week schedule in the Hosur Facility
• Shift Timing:01:00-10:00PM IST

Preferred Qualifications

• Experience working with vulnerability scanning tools (e.g. Qualys Tenable Rapid7).
• Knowledge of cybersecurity frameworks (e.g. NIST CIS Controls).
• Experience building or improving ticket workflows in ServiceNow.

Soft Skills

• Detailoriented with strong organizational skills.
• Comfortable following up persistently but professionally with stakeholders.
• Analytical mindset with the ability to distill complex data into simple insights.
• Strong sense of ownership and accountability.

Skills desired:

Core Application Systems: Knowledge of major production application systems used for delivery of services to internal and external clients; ability to leverage major production application systems in diverse situations.
Level Working Knowledge:
Helps create contingency plans to mitigate impact of disruption on core applications.
Identifies key players criticalities roles and responsibilities.
Investigates application-related issues with both business and IT professionals.
Recommends enhancements for a major application system or related subsystems.
Works with core application systems for a major business unit or function.

Problem Solving: Knowledge of approaches tools techniques for recognizing anticipating and resolving organizational operational or process problems; ability to apply knowledge of problem solving appropriately to diverse situations.
Level Working Knowledge:
Identifies and documents specific problems and resolution alternatives.
Examines a specific problem and understands the perspective of each involved stakeholder.
Develops alternative techniques for assessing accuracy and relevance of information.
Helps to analyze risks and benefits of alternative approaches and obtain decision on resolution.
Uses fact-finding techniques and diagnostic tools to identify problems.

Application Design Architecture: Knowledge of basic activities and deliverables of application design; ability to utilize application design methodologies tools and techniques to convert business requirements and logical models into a technical application design.
Level Extensive Experience:
Facilitates in application design reviews and walkthroughs.
Creates and evaluates technical alternatives for complex applications.
Interprets application services such as API; integrates them with technical design.
Develops various distinct and multiple technical application designs.
Prepares technical design documents and blueprints for applications.
Explores and evaluates application design considerations for multiple technologies.

Implementation: Knowledge of how to run applications for organizations; ability to implement application software within an organization and help end-users perform specific tasks (ex: accounting or graphic design).
Level Working Knowledge:
Tracks problems associated with the quality and effectiveness of application software.
Researches the benefits and drawbacks of an organizations application software.
Drafts application software usage for the departments needs.
Provides instant support for end users of application software.
Implements a specific application software under the supervision of management.

Requirements Analysis: Knowledge of tools methods and techniques of requirement analysis; ability to elicit analyze and record required business functionality and non-functionality requirements to ensure the success of a system or software development project.
Level Working Knowledge:
Follows policies practices and standards for determining functional and informational requirements.
Confirms deliverables associated with requirements analysis.
Communicates with customers and users to elicit and gather client requirements.
Participates in the preparation of detailed documentation and requirements.
Utilizes specific organizational methods tools and techniques for requirements analysis.

System and Technology Integration: Knowledge of the features and facilities of systems; ability to integrate and communicate among applications databases and technology platforms.
Level Working Knowledge:
Assists with current and planned integration initiatives.
Explores major issues and considerations for successful system integration.
Works with applications data technology bridges and a variety of platforms.
Works with existing interfaces as well as integration and migration plans within own area.
Plays an active role in local integration efforts.

System Testing: Knowledge of system and software testing; ability to design plan and execute system testing strategies and tactics to ensure the quality of software at all stages of the system life cycle.
Level Working Knowledge:
Supports the project leader in developing and executing system test plans.
Evaluates system documentation and user manuals for usability accuracy and completeness.
Executes test cases analyzes test results and reports on findings regularly.
Tests system components for compliance with functional requirements.
Participates in the testing of a systems ability to recover from hardware or software failures.

What you will get:

• Work Life Harmony
• Earned and medical leave.
• Relocation assistance

Holistic Development

• Personal and professional development through Caterpillar s employee resource groups across the globe
• Career developments opportunities with global prospects

Health and Wellness

• Medical coverage -Medical life and personal accident coverage
• Employee mental wellness assistance program

Financial Wellness

• Employee investment plan
• Pay for performance -Annual incentive Bonus plan.

Additional Information:

Caterpillar is not currently hiring individuals for this position who now or in the future require sponsorship for employment visa status; however as a global company Caterpillar offers many job opportunities outside of the U.S. which can be found through our employment website at position requires working onsite five days a week.

Not ready to apply Join our Talent Community.