DESCRIPTION

We are looking for a talented Cybersecurity Awareness and Training Advisor to join our team in Columbus, IN .

In this role, you will make an impact in the following ways:

• Enhancing Cybersecurity Knowledge : By building a deep understanding of Cummins' cybersecurity policies and industry data privacy principles, you'll help ensure compliance and protect sensitive information.
• Risk Identification and Mitigation : Participating in cybersecurity risk identification and working with the team to evaluate severity and develop mitigation plans will help safeguard the organization against potential threats.
• Applying Industry Standards : Utilizing your knowledge of frameworks and standards (e.g., NIST, ISO, ITIL, Cobit) in a manner specific to Cummins processes and controls will enhance the company's cybersecurity posture.
• Problem Analysis : Assisting with problem analysis for technology solutions will contribute to the development of effective and secure technological implementations.
• Issue Escalation : Escalating issues for additional analysis and resolution as appropriate ensures that potential cybersecurity threats are addressed promptly and effectively.
• Promoting Cybersecurity Awareness : Assisting in the promotion of cybersecurity awareness will help cultivate a security-conscious culture within the organization.
• Stakeholder Collaboration : Collaborating with stakeholders on requests for new and changing technology solutions will ensure that cybersecurity considerations are integrated into all technological advancements.
• Continuous Improvement : Your role will contribute to the continuous improvement of Cummins' cybersecurity measures, helping the organization stay ahead of emerging threats and vulnerabilities.

• Action oriented - Taking on new opportunities and tough challenges with a sense of urgency, high energy, and enthusiasm.
• Builds networks - Effectively building formal and informal relationship networks inside and outside the organization.
• Collaborates - Building partnerships and working collaboratively with others to meet shared objectives.
• Communicates effectively - Developing and delivering multi-mode communications that convey a clear understanding of the unique needs of different audiences.
• Ensures accountability - Holding self and others accountable to meet commitments.
• Instills trust - Gaining the confidence and trust of others through honesty, integrity, and authenticity.
• Manages ambiguity - Operating effectively, even when things are not certain or the way forward is not clear.
• Manages conflict - Handling conflict situations effectively, with a minimum of noise.
• Self-development - Actively seeking new ways to grow and be challenged using both formal and informal development channels.
• Cybersecurity Risk Management - Identifies and assesses the potential impact of Cybersecurity risks against established Cybersecurity industry frameworks, regulations and organizational policies to develop and implement risk mitigation strategies in alignment with business objectives.
• Regulatory Risk Compliance Management - Evaluates the design and effectiveness of controls against established industry frameworks and regulations to assess adherence with legal/regulatory requirements.
• Values differences - Recognizing the value that different perspectives and cultures bring to an organization.

• College, university, or equivalent degree in Cybersecurity, Computer Science, or Information Technology, or related subject, or relevant equivalent experience required.
• This position may require licensing for compliance with export controls or sanctions regulations.

• Minimal relevant work experience required. 0-3 years of experience

• Knowledge & Skills:
• Strong understanding of current cybersecurity threats, including phishing, social engineering, malware, and ransomware.
• Experience with eLearning platforms, Learning Management Systems (LMS), or other training delivery methods.
• Strong communication and presentation skills, with the ability to explain complex security concepts to non-technical audiences. You will be regularly speaking to audiences of 100 or more people, both in person and virtually.
• Experience using phishing simulation tools and other security awareness tools.
• Certifications:
• Certified Security Awareness Practitioner (CSAP) or SANS Security Awareness Professional (SSAP) certifications are desirable.
• Certified Information Systems Security Professional (CISSP) is a plus.

• Experience:
• Experience working in large or complex organizations, or with diverse teams.
• Experience in working on a global scale, understanding the social norms and language considerations in awareness and training materials.
• Experience with behavioral change strategies or learning science.
• Prior experience or knowledge of the KnowBe4 platform is desired.
• Skills:
• Strong project management and organizational skills.
• Ability to work independently and in a team environment.
• Ability to perform targeted phishing exercises such as spear phishing, etc.