Cyber Threat Intelligence Analyst
Irving
Thursday, 04 June 2026
Your Work Shapes the World at Caterpillar Inc.

When you join Caterpillar, you're joining a global team who cares not just about the work we do – but also about each other. We are the makers, problem solvers, and future world builders who are creating stronger, more sustainable communities. We don't just talk about progress and innovation here – we make it happen, with our customers, where we work and live. Together, we are building a better world, so we can all enjoy living in it.

Cyber Threat Intelligence Analyst

Summary:
Caterpillar’s Computer Security Incident Response Team (CSIRT) is seeking an experienced Cyber Threat Intelligence (CTI) Analyst. This person is responsible for collecting, analyzing and delivering both tactical and strategic intelligence on threat actors, campaigns, vulnerabilities, and emerging risks across enterprise environments. This role involves conducting vulnerability intelligence assessments using CVE analysis, CVSS scoring, and threat modeling to prioritize critical exposures, while producing actionable intelligence products such as threat briefs, reports, and TTP analyses aligned to frameworks like MITRE ATT&CK. The analyst translates complex threat data into clear insights for both technical and non-technical audiences through regular briefings and plays a key role in supporting incident response and cross-functional collaboration, partnering with teams across security domains and external intelligence communities to strengthen overall organizational defense.

What You Will Do:
Conduct tactical and strategic cyber threat intelligence collection, analysis, and reporting focused on threat actors, campaigns, vulnerabilities, zero-days, and organizational exposure across enterprise environments.
Perform vulnerability intelligence assessments using CVE analysis, CVSS scoring, threat modeling, and prioritization frameworks to identify and track emerging threats and materially relevant exposures.
Produce and disseminate actionable intelligence products including threat briefs, threat reports, TTP analysis, and recommendations mapped to MITRE ATT&CK and other industry-standard frameworks to support SOC, CSIRT, and threat hunting teams.
Deliver recurring threat intelligence briefings – including monthly strategic updates and more frequent tactical briefings – to both technical and non-technical audiences, translating complex threats into clear, actionable insights.
Support intelligence-driven incident response and cross-functional collaboration, including investigation of security incidents/data breaches and partnership with groups such as OT/ICS, product security, application security, and external intelligence-sharing partners.

What You Have:
Relevant experience in cyber threat intelligence, SOC, incident response, threat hunting, vulnerability intelligence, or a closely related cyber defense function.
Working knowledge of the CTI lifecycle and structured analytic methods, including collection, enrichment, analysis, and dissemination for different customers.
Fluency with MITRE ATT&CK and related frameworks such as Kill Chain, Diamond Model, or equivalent threat modeling approaches.
Practical experience with vulnerability intelligence, including interpreting CVEs, CVSS, exploitability context, and prioritization of relevant vulnerabilities.
Ability to analyze adversary TTPs, IOCs, and campaigns and turn that analysis into actionable output for defenders.
Strong written and verbal communication skills.
Research and documentation experience.

Top Candidates Will Have:
Knowledge of the CTI lifecycle.
Familiarity with MITRE ATT&CK Framework.
Understanding of CISA KEV / vulnerability prioritization concepts.
Experience curating threat briefings and written reporting.
Ability to analyze TTPs, IOCs, campaigns, CVEs, and threat trends.
Strong research, requirements analysis, and technical writing skills.
Knowledge of AI tools, scripting, or automation.
Familiarity with CI/CD pipelines, application security, or product security concepts.
Familiarity with OT/ICS security.
Experience with intelligence-sharing communities or external partner collaboration.

Additional Info:
The primary location for this position is Peoria, IL, Irving, TX or Nashville, TN. This role requires 5 days onsite. SPONSORSHIP IS NOT AVAILABLE. Relocation is not available.

Skills Descriptors:
Cybersecurity Standards and Policies: Knowledge of developing cybersecurity policies, standards and procedures; ability to develop and communicate policies, standards and procedures that guide interactions with customers.
Application Security: Knowledge of the tools and processes for maintaining application security; ability to design and implement security programs to prevent data loss and access intrusion from web and mobile applications.
Information Security Management: Knowledge of the processes, tools and techniques of information security management; ability to deploy and monitor information security systems, while detecting, controlling and preventing violations of IT security.
Information Security Technologies: Knowledge of technologies and technology-based solutions dealing with information security issues; ability to protect information security across the organization using encryption technologies and appropriate security software.
Information Technology (IT) Security Policies: Knowledge of IT security policies, standards, and procedures; ability to utilize a variety of administrative skill sets and technical knowledge to ensure cyber security compliance.
Requirements Analysis: Knowledge of tools, methods, and techniques of requirement analysis; ability to elicit, analyze and record required business functionality and non-functionality requirements to ensure the success of a system or software development project.
System and Technology Integration: Knowledge of the features and facilities of systems; ability to integrate and communicate among applications, databases and technology platforms.
Level Basic Understanding: Cyber Security: Knowledge of network attacks and the defenses used; ability to defend and prevent electronic threats, theft and attacks.

What You Will Get: