Manager Biso Jobs (NOW HIRING)

We are looking for a talented Data Protection Manager to join our team specializing in Systems/Information Technology for our Corporate organization in Indianapolis, IN. 

In this role, you will make an impact in the following ways:

Cummins is an equal opportunity employer. Our policy is to provide equal employment opportunities to all qualified persons without regard to race, sex, color, disability, national origin, age, religion, union affiliation, sexual orientation, veteran status, citizenship, gender identity, or other status protected by law.

Data Protection Manager

Role Overview

The Data Protection Manager is responsible for defining, governing, and continuously evolving the organization's information protection strategy within the Business Information Secucrity Organization (BISO). This role ensures enterprise data is protected, managed, and used in alignment with legal, regulatory, privacy, and business requirements. This role reports to the Director of Information Protection & Resilience as part of the BISO, and it serves as a governance leader and contributor toward enterprise information protection.

Key Responsibilities

1. Data Protection Strategy & Roadmap

• Develop and maintain the enterprise-wide data protection strategy
• Align data protection initiatives with: Business goals; Risk appetite; Regulatory requirements; and Privacy obligations
• Define and refine roadmap for: Data classification; Retention; Privacy controls; Data lifecycle management; and Handling standards
• Advise leadership on emerging risks including AI data usage, cross-border transfers, etc.

2. Governance Framework Development

• Establish and maintain Policies; Standards; Procedures; and Exception Management
• Define data ownership and stewardship models
• Lead governance bodies such as Data Protection Committees and Privacy Councils
• Ensure accountability across business units

3. Risk Management & Control Assurance

• Identify and assess data protection risks
• Integrate data protection into enterprise risk management (ERM)
• Oversee audits and remediation efforts
• Support DLP governance while partnering with technical teams

4. Cyber Awareness & Culture

• Promote a culture of information protection
• Lead the development of training and awareness programs
• Support Incident Management involving sensitive data identification and risk exposure

Key Deliverables

• Enterprise Information Protection Strategy & Roadmap
• Data Governance Framework
• Information Protection Policies & Standards
• Data Classification and Handling Standards
• Executive Risk Dashboards and Reporting
• Regulatory Compliance Reporting

Required Skills & Competencies

Core Competencies

• Strong understanding of Data protection laws; Information security principles; Risk management; and Privacy expectations
• Strategic thinking and policy development
• Ability to translate legal/regulatory requirements into operational controls
• Executive communication and stakeholder management

Technical Awareness (not necessarily hands-on)

• DLP, encryption, tokenization
• Cloud data protection considerations
• Data architecture and flows
• Privacy-enhancing technologies (PETs)
• Identiy and access technologies and implications

Qualifications

• Bachelor's or Master's degree in Cybersecurity, Information Systems, or related field
• Preferred certifications: CIPP/E, CIPM, CIPT, CISSP, CISM, CRISC

Experience

• 8-12+ years in data protection, privacy, information security, or cyber risk
• Fortune 200 / large enterprise experience preferred
• Experience partnering with Legal, Privacy, Compliance and Enterprise Content Management
• Big Four or public accounting/consulting a plus

To be successful in this role you will need the following:

• Financial acumen - Interpreting and applying understanding of key financial indicators to make better business decisions.
  
• Builds effective teams - Building strong-identity teams that apply their diverse skills and perspectives to achieve common goals.
  
• Communicates effectively - Developing and delivering multi-mode communications that convey a clear understanding of the unique needs of different audiences.
  
• Decision quality - Making good and timely decisions that keep the organization moving forward.
  
• Tech savvy - Anticipating and adopting innovations in business-building digital and technology applications.
  
• IT Supplier Relationships - Leverages a vendor management framework to manage strategic supplier relationships and supplier performance based on business need throughout the contract life using the required processes and tools to control costs, drive service excellence, mitigate risks, and gain increased value from the suppliers.
  
• Release Planning - Plans and manages the release of capabilities, features or products using inputs from the prioritized roadmap, planning, available resources and skills to communicate expected availability and releases of capability.
  
• Project Resource Management - Develops resource (expense and headcount) plans using recommended project management tools and processes to manage resources effectively.
  
• Values differences - Recognizing the value that different perspectives and cultures bring to an organization.
  

Education, Licenses, Certifications:

• College, university, or equivalent degree in Computer Science, Information Technology, Business, or related subject, or relevant equivalent experience required.
• This position may require licensing for compliance with export controls or sanctions regulations.
  

Experience:

• Significant level of relevant work experience, including supervisory experience, required.
• Broad business knowledge required.