DESCRIPTION

We are looking for a talented Cybersecurity Advisor - Senior to join our team specializing in Systems/Information Technology for Cummins, Inc. in Columbus, IN.

In this role, you will make an impact in the following ways:

• Compliance : Follow and adhere to compliance frameworks and security standards to reduce risks and meet regulatory requirements.
• Issue Identification : Analyze vulnerability and configuration data to identify systemic security issues.
• Security Implementation : Implement measures to resolve vulnerabilities, mitigate risks, and recommend necessary security changes.
• Cross-Functional Participation : Act as a stakeholder in cross-functional teams to develop technology solutions.
• Collaborative Solution Design : Work with functional teams and stakeholders to develop appropriate solution designs, implementations, and mitigation strategies.
• Security Reviews : Perform reviews to identify security weaknesses and other risks that could impact business goals.
• Leadership Recommendations : Provide cybersecurity recommendations to leadership based on emerging threats and vulnerabilities.
• Governance and Controls : Ensure system security controls maintain confidentiality, integrity, availability, authentication, and non-repudiation of system resources and data.

• Cybersecurity Risk Management - Regularly conduct thorough risk assessments to identify potential vulnerabilities.Develop and implement effective risk mitigation strategies that align with business objectives.
• Strategic Planning and Policy - Identify gaps in current policies and advocate for necessary changes.Work closely with other departments to ensure that cybersecurity measures are integrated into all aspects of the business.Help develop policies that protect data and business information systems.
• Systems Analysis - Use solution design documents and security review tools to create secure, efficient, and effective information systems.Regularly review and improve system designs to enhance security and efficiency.
• Systems Security Requirements Planning - Attend cross-functional meetings to gather and evaluate security requirements.Translate security requirements into technical solutions that meet business needs.Provide guidance to partners on applying security requirements and reducing business risk.

• College, university, or equivalent degree in Computer Science, Information Technology, Business, or related subject, or relevant equivalent experience required.
• This position may require licensing for compliance with export controls or sanctions regulations.
• 3-5 years of cybersecurity work experience is required. Experience with Cloud technology and concepts preferred.

• Education:
• Bachelor's degree in Cybersecurity, Information Technology, or a related field.
• Certifications such as CISSP, CISM, CISA, or equivalent are highly preferred.
• Experience:
• 3-5 years of experience in cybersecurity governance, risk management, or a related field.
• Experience with cybersecurity frameworks (e.g., NIST, ISO 27001, CIS Controls) and risk management best practices.
• Knowledge of regulatory requirements (e.g., GDPR, CMMC, TISAX, PCI DSS) and how they apply to cybersecurity and risk management.
• Technical Skills:
• Familiarity with risk assessment tools, security controls, and compliance management platforms.
• Understanding of IT security technologies such as firewalls, endpoint protection, SIEM, and encryption.
• Understanding of IT infrastructures such as cloud environments (AWS, Azure, GCP), networks, and data storage.
• Soft Skills:
• Strong analytical and problem-solving abilities with attention to detail.
• Excellent communication skills with the ability to present complex risk management and governance information to non-technical stakeholders.
• Ability to work independently and as part of a cross-functional team.
• Strong organizational skills with the ability to manage multiple priorities in a dynamic environment.
• Detail-oriented with excellent organizational and documentation skills.
• Other Skills/Attributes:
• Proactive in identifying security risks and implementing solutions.
• Ability to influence and collaborate with both technical and non-technical teams across the organization.
• Ability to stay current with evolving cybersecurity threats and regulatory changes.
• Strong demonstration of accountability with consistent results without significant oversight.

• Master's degree in Cybersecurity or related field.
• Experience with GRC (Governance, Risk, and Compliance) platforms (e.g., Archer, LogicManager, ServiceNow).
• Knowledge of cloud security (AWS, Azure, GCP) and risk management in cloud environments.
• Familiarity with business continuity and disaster recovery planning as it relates to cybersecurity and risk management.