Joint Venture Cybersecurity Risk Leader - 20000037
Posted on: April 10, 2021
View all jobs Joint Venture Cybersecurity Risk Leader - 20000037
Washington, DC -- Information Technology Joint Venture
Cybersecurity Risk Leader - 20000037
Location: Columbus, IN
No, this isn't one of those ordinary jobs.
Cummins is a team of dependable, innovative thinkers, who are
empowered to generate and deliver solutions for customers,
community, and environment. Our employees develop their careers
through the challenges only a diverse, global innovator can
promise. This is a collaborative culture where thinking beyond your
desk is more than part of the job. It is the job.
This is what we call Working Right.
We are a place big enough to coach and develop a global workforce
and create the world's leading clean, engine technology. We're also
small enough for you to find your fit and personal passion with a
team of dependable, innovative thinkers who are developing their
careers within a diverse, inclusive, empowering environment.
Learn more about this role and how you can begin Working Right
Our Corporate Business Unit delivers reliable, durable, high
performing products to our global partners. Working in an
innovative space, you'll develop high tech solutions that will fuel
your advanced career skill set and empower you to own your career.
Our integrated businesses demand the talents and creativity of
individuals with a wide range of skills and experience.
This is an exciting opportunity in Columbus, Indiana for a Joint
Venture Cybersecurity Risk Leader. This is where you can work on
industry leading projects.
The successful candidate will:
- Evaluate cybersecurity architectures related to our company
Joint Ventures globally.
- Assess cybersecurity risks associated with applications,
infrastructure, and system connectivity into the Cummins Enterprise
- Collaborate with Legal, Business Unit, Area Business
Organization, and IT leadership to develop assessment criteria to
reduce risk and development of risk mitigation approaches for Joint
- Create in collaboration with Legal, Engineering, IT and other
stakeholders an assessment methodology for Joint Venture
- Apply Cummins' technology standards to Joint Venture
architectures to ensure compliance with Cummins' Technology
- Produce documentation related to cybersecurity risk as it
applies to Joint Ventures.Your impact will happen in these and
- Provides consultation on the aspects of threats,
vulnerabilities, and compliance for solutions deployed within the
- Manages, provides leadership and guidance to less experienced
- Prioritizes and assigns the tasks to be completed by a group of
- Possesses the knowledge required to follow and adhere to
compliance frameworks and other security requirements and standards
that enable the organization to reduce risks and meet regulatory
and statutory compliance.
- Identifies systemic security issues based on the analysis of
vulnerability and configuration data.
- Implements security measures to resolve vulnerabilities,
mitigate risks and recommend security changes to system or system
components as needed.
- Participates as a stakeholder in cross-functional teams to
develop technology solutions.
- Collaborates with functional teams and/or stakeholders to
identify and/or develop appropriate solution designs, proper
implementation and any required mitigation strategies.
- Performs reviews and identifies security and other weaknesses
in solutions that may introduce risks to the enterprise and
business goal achievement.
- Provides cybersecurity recommendations to leadership based on
existing, emerging and new cybersecurity threats and
vulnerabilities, which introduce risk to the achievement of
business goals and objectives.
- Employs best practices when implementing security controls
within a system including software engineering methodologies;
system and security engineering principles; secure design, secure
architecture, and secure coding techniques.
- Informs and provides governance regarding system security
controls that ensure and provide for the confidentiality,
integrity, availability, authentication, and non-repudiation of
system resources and the data they process and store.
- Coaches and develops less experienced team
Cybersecurity Risk Management - Identifies and assesses the
potential impact of Cybersecurity risks against established
Cybersecurity industry frameworks, regulations and organizational
policies to develop and implement risk mitigation strategies in
alignment with business objectives.
Systems Requirements Planning - Develops a detailed set of use
cases and requirements through documenting and deriving
capabilities that are needed to operate, manage, administer and
deploy enterprise cybersecurity capabilities and tools.
Systems Analysis - Designs information systems solutions using
solution design documents and the security review tool to help the
organization operate more securely, efficiently and
Strategic Planning and Policy - Advocates for changes in policy
through collaboration and the identification of gaps identified by
the use of cybersecurity technologies that protect our data and
business information systems.
Business Analysis Planning - Identifies the activities needed to
conduct business analysis considering the five business aspects,
level of detail, and approach for eliciting requirements to plan
for resources and techniques to document the business needs and
Business insight - Applying knowledge of business and the
marketplace to advance the organization's goals.
Manages complexity - Making sense of complex, high quantity, and
sometimes contradictory information to effectively solve
Balances stakeholders - Anticipating and balancing the needs of
Collaborates - Building partnerships and working collaboratively
with others to meet shared objectives.
Builds effective teams - Building strong-identity teams that apply
their diverse skills and perspectives to achieve common goals.
Drives engagement - Creating a climate where people are motivated
to do their best to help the organization achieve its
Instills trust - Gaining the confidence and trust of others through
honesty, integrity, and authenticity.
- Minimum 10 to 15 years of experience with increasing
responsibilities in cybersecurity risk management.
- Familiarity with ISO 27001, NIST Cybersecurity Framework and
other related risk frameworks.
- Experience with Legal and Regulatory regimes related to
Privacy, Cybersecurity, Data Protection, and Incident
- Experience with Audit of IT systems in complex multi-national
- Prior experience with third party risk highly
preferred.Required Education, Licenses or Certifications
College, university, or equivalent degree in Information
Technology, Business or a related subject, or relevant experience
Certified Information Systems Security Professional (CISSP) or
similar certification preferred.
Compensation and Benefits
Base salary rate commensurate with experience. Additional benefits
vary between locations and include options such as our 401(k)
Retirement Savings Plan, Cash Balance Pension Plan,
Medical/Dental/Life Insurance, Health Savings Account, Domestic
Partners Coverage and a full complement of personal and
We are an equal opportunity and affirmative action employer
dedicated to diversity in the workplace. Our policy is to provide
equal employment opportunities to all qualified persons without
regard to race, gender, color, disability, national origin, age,
religion, union affiliation, sexual orientation, veteran status,
citizenship, gender identity and/or expression, or other status
protected by law.
We validate right to work using E-Verify.
We will provide the Social Security Administration (SSA) and, if
necessary, the Department of Homeland Security (DHS), with
information from each new employee's Form I-9 to confirm work
authorization. To learn more about E-Verify, including your rights
and responsibilities, please visit www.dhs.gov/E-Verify .
Keywords: Tech-Connect, Washington DC , Joint Venture Cybersecurity Risk Leader - 20000037, Accounting, Auditing , Washington, DC
Didn't find what you're looking for? Search again!