Work Location: Columbus, IN
Technology. Flexibility. Diversity. At the center of it all are the Digital Accelerator and Advanced Analytics teams working together as a high-energy startup within a Fortune 500 organization. At this Midwestern technology hub, today’s sharpest, most curious minds transform what-ifs into realities.
You will have global opportunities to develop your career and make your community a better place - to break ground professionally and be your best personally.
This is an exciting opportunity in Columbus, IN for a Cybersecurity Leader supporting our Digital Accelerator Teams.
Scope of position will include;
- Be a Cybersecurity Advisor to managers and leaders who are responsible for making decisions about solutions that address business goals and risks. Provides consultation on the aspects of threats, vulnerabilities, and compliance for solutions deployed within the environment. Manages, provides leadership and guidance to less experienced cybersecurity leaders.
- Prioritizes and assigns the tasks to be completed by a group of cybersecurity leaders.
- Possesses the knowledge required to follow and adhere to compliance frameworks and other security requirements and standards that enable the organization to reduce risks and meet regulatory and statutory compliance.
- Identifies systemic security issues based on the analysis of vulnerability and configuration data.
- Implements security measures to resolve vulnerabilities, mitigate risks and recommend security changes to system or system components as needed.
- Participates as a stakeholder in cross-functional teams to develop technology solutions.
- Collaborates with functional teams and/or stakeholders to identify and/or develop appropriate solution designs, proper implementation and any required mitigation strategies.
- Performs reviews and identifies security and other weaknesses in solutions that may introduce risks to the enterprise and business goal achievement.
- Provides cybersecurity recommendations to leadership based on existing, emerging and new cybersecurity threats and vulnerabilities, which introduce risk to the achievement of business goals and objectives.
- Employs best practices when implementing security controls within a system including software engineering methodologies; system and security engineering principles; secure design, secure architecture, and secure coding techniques.
- Informs and provides governance regarding system security controls that ensure and provide for the confidentiality, integrity, availability, authentication, and non-repudiation of system resources and the data they process and store.
- Coaches and develops less experienced team members.
Cybersecurity Risk Management - Identifies and assesses the potential impact of Cybersecurity risks against established Cybersecurity industry frameworks, regulations and organizational policies to develop and implement risk mitigation strategies in alignment with business objectives.
Systems Requirements Planning - Develops a detailed set of use cases and requirements through documenting and deriving capabilities that are needed to operate, manage, administer and deploy enterprise cybersecurity capabilities and tools.
Systems Analysis - Designs information systems solutions using solution design documents and the security review tool to help the organization operate more securely, efficiently and effectively.
Strategic Planning and Policy - Advocates for changes in policy through collaboration and the identification of gaps identified by the use of cybersecurity technologies that protect our data and business information systems.
Business Analysis Planning - Identifies the activities needed to conduct business analysis considering the five business aspects, level of detail, and approach for eliciting requirements to plan for resources and techniques to document the business needs and solution characteristics.
Business insight - Applying knowledge of business and the marketplace to advance the organization’s goals.
Manages complexity - Making sense of complex, high quantity, and sometimes contradictory information to effectively solve problems.
Balances stakeholders - Anticipating and balancing the needs of multiple stakeholders.
Collaborates - Building partnerships and working collaboratively with others to meet shared objectives.
Builds effective teams - Building strong-identity teams that apply their diverse skills and perspectives to achieve common goals.
Drives engagement - Creating a climate where people are motivated to do their best to help the organization achieve its objectives.
Instills trust - Gaining the confidence and trust of others through honesty, integrity, and authenticity.
- 5-7 years of cybersecurity work experience is required. 2 years of experience with Cloud technology and concepts preferred.
- Applies knowledge of Amazon Web Services (AWS), GoogleCloud, Microsoft Azure and other public cloud and private cloud platforms, and their capabilities and security features to assist deploying cloud based technologies and solutions.
- Provides guidance regarding development of secure cloud coding/development and the inclusion of security practices and security testing as part of the software development lifecycle.
- Applies knowledge and experience to deliver integration of Internet of Things (IOT) Devices with cloud native platforms, data lakes, and data delivery networks technologies and telematic service providers.
- Possess proficiency and knowledge of coding (Lambda,JSON, etc..) and DevOps techniques that enable the adoption, stand-up and employment of cloud service infrastructure and platforms.
- Coaches and mentors less experienced team members and colleagues; documents knowledge and solutions for use across the company global enterprise and organizations.
- Develops relationships with security vendors and external security experts; brings knowledge of current issues and risks to information security and privacy meetings.
- Collects and analyzes data on existing processes and protection controls that are or need to be applied in public cloud, private cloud, and hybrid (on premise and cloud) solutions.
- Trouble-shoots complex technical and business issues with existing security and privacy protection protocols.
- Perform root cause analysis, and makes recommendations on changes that address risk and deviation from best practices, policy, and standards and may have an impact or influence AOP priorities and execution of business strategy.
- Develops collaborative peer relationships that enable and strengthen team processes and dynamics.
- Identifies the potential for internal and external threats and evaluates mitigation strategies and controls that can be implemented to reduce risk from malware attacks/propagation, targeted attacks, unauthorized access, data modification, degradation of services and other threat scenarios.
- Identifies risk associated with potential loss of data and assesses the impact of mitigation strategies and controls on the business process and cost.
- Performs reoccurring security and privacy assessments of business processes and IT solutions to identify and recommend changes that improves Cummins' security posture and adherence with compliance and privacy frameworks.
- Contributes and collaborates with architects and solution implementers to ensure security controls are embedded to protect the company global enterprise.
- Review and recommend changes to new and existing information security policies that influence how our company develops and implements different solutions and processes.
- Analyzes existing processes, standards, policies and/or equipment and makes process improvement recommendations to leaders ensuring compliance with laws, rules, and regulations while managing global business risk impact.
- Provides information security guidance to IT project teams implementing small to large scale solutions that support our company business operations and Digital Product infrastructure.
- Promotes information security awareness across the Business Unit, Function Area, and organization.
- Collaborate across the Global cyber security leader team as it related to the execution of Cyber Security organizational security initiatives conducted in different Business Units, Functional Areas, and Area Business Organizations (ABO).
Compensation and Benefits
Base annual salary commensurate with experience plus annual variable compensation. Additional benefits vary between locations and include options such as our 401(k) Retirement Savings Plan, Cash Balance Pension Plan, Medical/Dental/Life Insurance, Health Savings Account, Domestic Partners Coverage and a full complement of personal and professional benefits.
We are an equal opportunity and affirmative action employer dedicated to diversity in the workplace. Our policy is to provide equal employment opportunities to all qualified persons without regard to race, gender, color, disability, national origin, age, religion, union affiliation, sexual orientation, veteran status, citizenship, gender identity and/or expression, or other status protected by law.
We validate right to work using E-Verify.
We will provide the Social Security Administration (SSA) and, if necessary, the Department of Homeland Security (DHS), with information from each new employee’s Form I-9 to confirm work authorization. To learn more about E-Verify, including your rights and responsibilities, please visit www.dhs.gov/E-Verify .