Career Area:
Legal and Compliance
Job Description:
Your Work Shapes the World at Caterpillar Inc.
When you join Caterpillar, you're joining a global team who cares not just about the work we do – but also about each other. We are the makers, problem solvers, and future world builders who are creating stronger, more sustainable communities. We don't just talk about progress and innovation here – we make it happen, with our customers, where we work and live. Together, we are building a better world, so we can all enjoy living in it.
IT IS YOUR TIME
Caterpillar Inc. is the world's leading manufacturer of construction and mining equipment, off-highway diesel and natural gas engines, industrial gas turbines and diesel-electric locomotives. For nearly 100 years, we've been helping customers build a better, more sustainable world and are committed and contributing to a reduced-carbon future. Our innovative products and services, backed by our global dealer network, provide exceptional value that helps customers succeed.
When you join Caterpillar, you're joining a global team who cares not just about the work we do – but also about each other. We are the makers, problem solvers and future world builders who are creating stronger, more sustainable communities. We don't just talk about progress and innovation here – we make it happen, with our customers, where we work and live. Together, we are building a better world, so we can all enjoy living in it.
If you are looking for personal and professional growth, in a company with an inclusive culture, which seeks equity, respects differences and believes in people's potential, this is the right place. We consider people with disability candidates and those with diversity in gender, culture, ethnicity, religion, age, generation, race, nationality and sexual orientation.
Important:
- Don't forget to include a resumé in English in your profile in Workday
- Please check your application status directly in the Workday system, as this is our primary method of communication. All updates regarding your application will be reflected there.
Job Description:
We are seeking an analytical, detail-oriented, and technically proficient IT Risk & Compliance Professional to join our Enterprise IT Controls team. The IT Risk & Compliance Professional acts as the primary subject matter expert and trusted advisor for Enterprise IT Controls compliance. Incumbents lead interactions with internal customers at all levels from staff to senior management across Caterpillar IT and Caterpillar Corporate Governing bodies such as Corporate Legal, Corporate Ethics & Compliance, and Corporate Internal Auditing & Compliance. Incumbent provides global support.
What you will do:
Provide Guidance on Execution of Enterprise IT Controls:
* Provide guidance and train teams on ownership, implementation, and execution of Enterprise IT Controls.
* Communicate, implement, and manage organizational change of IT control changes and ownership.
* Coordinate and lead training of Process Owners, Execution Owners, and Execution teams on IT Controls requirements.
* Develop strong relationships with Process Owners and Execution Owners.
* Overall key contact for IT controls and governance compliance.
Provide Guidance on Remediation of IT Controls:
* Provide enterprise governance and consultation on IT controls policies, processes, deadlines, and testing.
* Ensure IT Control self-attestation participants understand results and make recommendations based upon implications.
* Provide guidance to execution teams to help ensure control issues are remediated timely.
* Challenge stakeholders on root causes of risk and effectiveness of remediation activities.
Sustain Control Environment:
* Coordinate the scheduling, monitoring and management of internal self-attestations collaborating with Process Owners, Execution Owners and Execution teams across the enterprise.
* Train impacted Process Owners, Execution Owners and Execution Team Members on how to complete self-attestations.
* Lead risk assessment reviews of processes to ensure compliance, proactively manage risk, and contribute to the annual risk management process.
* Escalate non-compliance to controls or deadlines to IT Management.
* Ensure IT controls and governance tools and artifacts remain in alignment with the current organization and responsibilities.
* Engage with Process Owners to understand compliance for their process(es) and make process improvement recommendations.
* Lead teams in continuous improvement activities within the IT Control framework.
* Execute User Acceptance Testing (UAT) for changes/enhancements to the ServiceNow IRM module for the self-attestation process.
* Lead projects on the continuous improvement of the IT Controls methodology.
Reporting:
* Identify and document reporting requirements to ensure relevant risk and compliance reporting to IT management.
* Communicate relevant risk and compliance status to appropriate Process Owners and/or Execution Owners.
Skills:
Process Management: Knowledge of business process improvement tools and techniques; ability to understand, monitor, update, control, or enhance existing business or work processes.
IT Risk Management: Knowledge of processes, tools and techniques for assessing and controlling an organization's exposure to IT risks of various kinds; ability to apply knowledge of risk management appropriately to diverse situations.
Analytical Thinking: Knowledge of techniques and tools that promote effective analysis; ability to determine the root cause of organizational problems and create alternative solutions that resolve these problems.
Data Gathering and Reporting: Knowledge of tools, techniques and processes for gathering and reporting data; ability to practice them in a particular department or division of a company.
Basic requirements:
- Bachelor's degree
- Pre Advanced English
- A proficient level of understanding and experience from more than one IT business operation and/or process including but not limited to application development and support, and infrastructure implementation and support.
- Experience with processes, tools and techniques for assessing and controlling an organization's exposure to IT risks of various kinds, and ability to apply knowledge of risk management appropriately to diverse situations.
- Ability to understand multiple perspectives, evaluate effectiveness and efficiency of process(es), communicate appropriately, and make recommendation(s) with a strategic enterprise perspective.
- Preference for an auditing, compliance, cybersecurity, or risk management background and/or experience in managing risk through identification, assessment, and mitigation.
Top candidates will also have:
- Prior experience(s) with identity and access management, role-based access control (RBAC), proactive risk identification, continuous control monitoring, and process maturity analysis.
- Hands-on experience with Governance, Risk, and Compliance (GRC) platforms, specifically ServiceNow Integrated Risk Management (IRM) and/or AuditBoard.
- Proven ability to configure, manage, and optimize workflows within these tools to support risk assessments, control monitoring, audit management, and compliance reporting.
- Familiarity with integrating GRC tools into enterprise environments and leveraging automation for continuous control monitoring.
- Hands-on experience with data analysis and visualization tools/platforms (Snowflake, SQL, Power BI, Tableau, Microsoft Excel, etc.) & techniques.
- Strong initiative, accountability, process focus, and communication skills.
- Experience in delivering difficult issues and messages to business partners and/or IT leadership while maintaining composure.
- Industry and professional certification(s) (e.g., CRISC, CISA, CISM, CISSP, CIA, CPA, etc.) or be willing to obtain one within one year of starting.
Additional Information:
- This position may require 10% travel.
Note: This position requires the candidate to work onsite five days a week.
Some of the offered benefits*:
·Medical plan
·Dental plan
·Medicines reimbursement
·Psychological, Legal, Social and Finance Support Program
·Private pension plan
·Profit share
·Meal assistance
·Christmas basket
·Transportation
·Life and personal insurance
·Extended maternity and paternity leave
·Employee resources group (Young Professional, Women in Networking, LAMBDA (LGBTQIA+), Latin Group and Active in Sport
*Caterpillar reserves the right to change or modify benefits at any time, subject prior notice and in compliance with legal requirements. Benefit elegibility may vary by position and location
The Recruitment & Selection area emphasizes that it does not use personal emails and/or emails from other domains (@gmail, @hotmail, etc.) to contact candidates. Available vacancies are only advertised through the company's official channels ; ), and official Caterpillar emails are mandatory followed by the domain Also, the company does not request any type of payment (bank transfer, pix, etc.) for the purposes of the selection process. For more information click on the link:
#LI
Posting Dates:
dezembro 10, janeiro 4, 2026
Caterpillar is an Equal Opportunity Employer. Qualified applicants of any age are encouraged to apply
Not ready to apply? Join our Talent Community.