Joint Venture Cybersecurity Risk Leader – 20000037

CumminsIT & Cybersecurity 9+ Years

Job Description

DESCRIPTION/RESPONSIBILITIES:
Cummins is a place big enough to coach and develop a global workforce and create the world’s leading clean, engine technology. We’re also small enough for you to find your fit and personal passion with a team of dependable, innovative thinkers who are developing their careers within a diverse, inclusive, empowering environment.

Learn more about this role and how you can begin Working Right.
Our Corporate Business Unit delivers reliable, durable, high performing products to our global partners. Working in an innovative space, you’ll develop high tech solutions that will fuel your advanced career skill set and empower you to own your career. Our integrated businesses demand the talents and creativity of individuals with a wide range of skills and experience.

This is an exciting opportunity in Columbus, Indiana for a Joint Venture Cybersecurity Risk Leader. Cummins USA is where you can work on industry leading projects.

The successful candidate will:
• Evaluate cybersecurity architectures related to Cummins’ Joint Ventures globally.
• Assess cybersecurity risks associated with applications, infrastructure, and system connectivity into the Cummins Enterprise Domain.
• Collaborate with Legal, Business Unit, Area Business Organization, and IT leadership to develop assessment criteria to reduce risk and development of risk mitigation approaches for Joint Ventures.
• Create in collaboration with Legal, Engineering, IT and other stakeholders an assessment methodology for Joint Venture Cybersecurity Risk.
• Apply Cummins’ technology standards to Joint Venture architectures to ensure compliance with Cummins’ Technology Reference Model.
• Produce documentation related to cybersecurity risk as it applies to Joint Ventures.

Your impact will happen in these and other ways:
• Provides consultation on the aspects of threats, vulnerabilities, and compliance for solutions deployed within the environment.
• Manages, provides leadership and guidance to less experienced cybersecurity leaders.
• Prioritizes and assigns the tasks to be completed by a group of cybersecurity leaders.
• Possesses the knowledge required to follow and adhere to compliance frameworks and other security requirements and standards that enable the organization to reduce risks and meet regulatory and statutory compliance.
• Identifies systemic security issues based on the analysis of vulnerability and configuration data.
• Implements security measures to resolve vulnerabilities, mitigate risks and recommend security changes to system or system components as needed.
• Participates as a stakeholder in cross-functional teams to develop technology solutions.
• Collaborates with functional teams and/or stakeholders to identify and/or develop appropriate solution designs, proper implementation and any required mitigation strategies.
• Performs reviews and identifies security and other weaknesses in solutions that may introduce risks to the enterprise and business goal achievement.
• Provides cybersecurity recommendations to leadership based on existing, emerging and new cybersecurity threats and vulnerabilities, which introduce risk to the achievement of business goals and objectives.
• Employs best practices when implementing security controls within a system including software engineering methodologies; system and security engineering principles; secure design, secure architecture, and secure coding techniques.
• Informs and provides governance regarding system security controls that ensure and provide for the confidentiality, integrity, availability, authentication, and non-repudiation of system resources and the data they process and store.
• Coaches and develops less experienced team members.

REQUIRED SKILLS:
Skills
Cybersecurity Risk Management - Identifies and assesses the potential impact of Cybersecurity risks against established Cybersecurity industry frameworks, regulations and organizational policies to develop and implement risk mitigation strategies in alignment with business objectives.
Systems Requirements Planning - Develops a detailed set of use cases and requirements through documenting and deriving capabilities that are needed to operate, manage, administer and deploy enterprise cybersecurity capabilities and tools.
Systems Analysis - Designs information systems solutions using solution design documents and the security review tool to help the organization operate more securely, efficiently and effectively.
Strategic Planning and Policy - Advocates for changes in policy through collaboration and the identification of gaps identified by the use of cybersecurity technologies that protect Cummins' data and business information systems.
Business Analysis Planning - Identifies the activities needed to conduct business analysis considering the five business aspects, level of detail, and approach for eliciting requirements to plan for resources and techniques to document the business needs and solution characteristics.
Business insight - Applying knowledge of business and the marketplace to advance the organization’s goals.
Manages complexity - Making sense of complex, high quantity, and sometimes contradictory information to effectively solve problems.
Balances stakeholders - Anticipating and balancing the needs of multiple stakeholders.
Collaborates - Building partnerships and working collaboratively with others to meet shared objectives.
Builds effective teams - Building strong-identity teams that apply their diverse skills and perspectives to achieve common goals.
Drives engagement - Creating a climate where people are motivated to do their best to help the organization achieve its objectives.
Instills trust - Gaining the confidence and trust of others through honesty, integrity, and authenticity.

Experience
• Minimum 10 to 15 years of experience with increasing responsibilities in cybersecurity risk management.
• Familiarity with ISO 27001, NIST Cybersecurity Framework and other related risk frameworks.
• Experience with Legal and Regulatory regimes related to Privacy, Cybersecurity, Data Protection, and Incident Response.
• Experience with Audit of IT systems in complex multi-national environments preferred.
• Prior experience with third party risk highly preferred.

Required Education, Licenses or Certifications
College, university, or equivalent degree in Information Technology, Business or a related subject, or relevant experience required.
Certified Information Systems Security Professional (CISSP) or similar certification preferred.

Compensation and Benefits
Base salary rate commensurate with experience. Additional benefits vary between locations and include options such as our 401(k) Retirement Savings Plan, Cash Balance Pension Plan, Medical/Dental/Life Insurance, Health Savings Account, Domestic Partners Coverage and a full complement of personal and professional benefits.

Cummins and E-verify
At Cummins, we are an equal opportunity and affirmative action employer dedicated to diversity in the workplace. Our policy is to provide equal employment opportunities to all qualified persons without regard to race, gender, color, disability, national origin, age, religion, union affiliation, sexual orientation, veteran status, citizenship, gender identity and/or expression, or other status protected by law. Cummins validates right to work using E-Verify. Cummins will provide the Social Security Administration (SSA) and, if necessary, the Department of Homeland Security (DHS), with information from each new employee’s Form I-9 to confirm work authorization.

Ready to think beyond your desk? Apply for this opportunity to start your career with Cummins today. careers.cummins.com

Not ready to apply but want to learn more? Join our Talent Community to get the inside track on great jobs and confidentially connect to our recruiting team: http://connect.find.ly/cummins

Posted On

February 4, 2020