Cybersecurity AI Governance Principal

We are looking for a talented Cybersecurity Advisor Principal to join our team specializing in Systems/Information Technology for our Corporate organization in Indianapolis, IN .

In this role, you will make an impact in the following ways:

• Strengthen the organization's security posture and compliance by consistently applying cybersecurity frameworks, regulatory requirements, and industry standards to reduce enterprise risk and ensure audit readiness.
• Proactively identify and remediate systemic security risks by analyzing vulnerability and configuration data and driving targeted solutions that address root causes, not just symptoms.
• Reduce exposure to cyber threats by implementing effective security controls, mitigation strategies, and recommended system changes that protect critical systems and data.
• Embed security into technology solutions from the start by partnering with cross-functional stakeholders to influence secure design, architecture, and implementation decisions.
• Safeguard business objectives by conducting security reviews that uncover weaknesses early and prevent solutions from introducing risks that could impact enterprise performance.
• Enable informed leadership decision-making by translating emerging and existing cybersecurity threats into clear, actionable risk-based recommendations aligned to business goals.
• Ensure confidentiality, integrity, and availability of systems and data by governing and enforcing robust security controls grounded in secure engineering, coding, and architecture best practices.
• Build long-term capability and trust by coaching less experienced team members, sharing cybersecurity expertise, and cultivating strong business relationships that consistently deliver value.

• Balances stakeholders - Anticipating and balancing the needs of multiple stakeholders.
• Builds effective teams - Building strong-identity teams that apply their diverse skills and perspectives to achieve common goals.
• Business insight - Applying knowledge of business and the marketplace to advance the organization's goals.
• Collaborates - Building partnerships and working collaboratively with others to meet shared objectives.
• Drives engagement - Creating a climate where people are motivated to do their best to help the organization achieve its objectives.
• Instills trust - Gaining the confidence and trust of others through honesty, integrity, and authenticity.
• Manages complexity - Making sense of complex, high quantity, and sometimes contradictory information to effectively solve problems.
• Business Analysis Planning - Identifies the activities needed to conduct business analysis considering the five business aspects, level of detail, and approach for eliciting requirements to plan for resources and techniques to document the business needs and solution characteristics.
• Cybersecurity Risk Management - Identifies and assesses the potential impact of Cybersecurity risks against established Cybersecurity industry frameworks, regulations and organizational policies to develop and implement risk mitigation strategies in alignment with business objectives.
• Strategic Planning and Policy - Advocates for changes in policy through collaboration and the identification of gaps identified by the use of cybersecurity technologies that protect Cummins' data and business information systems.
• Systems Analysis - Designs information systems solutions using solution design documents and the security review tool to help the organization operate more securely, efficiently and effectively.
• Systems Security Requirements Planning - Consults with customers through attending cross-functional meetings to gather and evaluate security requirements and translates these security requirements for incorporation into a technical solution(s); provides guidance to partners on how to best apply security requirements as part of the Cummins governance processes through consultation to reduce business risk.
• Values differences - Recognizing the value that different perspectives and cultures bring to an organization.

• College, university, or equivalent degree in Computer Science, or Information Technology, or related subject, or relevant equivalent experience required.
• Certified Information Systems Security Professional (CISSP) or similar certification preferred.
• This position may require licensing for compliance with export controls or sanctions regulations.

• 5-7 years of cybersecurity work experience is required.
• 2 years of experience with Cloud technology and concepts preferred.

• Define and maintain the AI security and governance vision, roadmap, and operating model for enterprise AI/ML initiatives.
• Partner with engineering and data science teams to embed security and governance expectations into AI pipelines, MLOps/LLMOps platforms, APIs, and agent frameworks.
• Establish security standards, policies, and governance controls for AI systems, including LLMs and agentic AI architectures, aligned with industry frameworks such as NIST AI RMF and ISO/IEC 27001.
• Define governance requirements for model access, authentication, authorization, and isolation, working with engineering and platform teams to ensure appropriate technical implementation.
• Establish governance guidance for sandboxing, guardrails, and execution boundaries for autonomous AI agents, ensuring least-privilege principles and appropriate oversight capabilities.
• Lead risk management activities for AI/ML systems, addressing threats such as model poisoning, prompt injection, adversarial attacks, and agent hijacking.
• Define secure and responsible AI lifecycle practices for model training, tuning, deployment, and monitoring in coordination with engineering and platform teams.
• Advise executive leadership on AI-related risks, emerging threats, and mitigation strategies.
• Ensure alignment with regulatory requirements and responsible AI governance frameworks (e.g., GDPR, EU AI Act, and emerging global AI regulations).
• Collaborate with security architecture, engineering, and research teams to anticipate emerging AI threat vectors and inform future governance and control strategies.
• Support vendor evaluation and risk assessment for AI technologies and security solutions, including participation in proof-of-concepts and security reviews.
• Define governance models for AI system accountability, traceability, and appropriate levels of autonomy in AI-driven actions.
• Partner with Enterprise Security Ops, as well as other incident management functions in the enterprise, to ensure AI-related threats and anomalous agent behaviors are incorporated into enterprise detection and response processes.
• Act as the primary security and governance advisor for AI initiatives, translating complex technical risks into business impact for enterprise stakeholders.

• Ability to influence senior leaders and cross-functional teams.
• Strong written and verbal communication skills.
• Experience balancing innovation speed with security and risk management.
• Strategic thinking with practical technical understanding of AI/ML security concepts.
• Stakeholder management across Business Units, as well as Engineering, Data Science, Product, Legal, Compliance, and Enterprise Security.
• Proactive and adaptive leadership in rapidly evolving threat and regulatory landscapes.