Hyundai Capital Services
Sr. Manager, Cybersecurity Risk Management
Hyundai Capital Services, Irvine, California, United States, 92713
Overview
Sr. Manager, Cybersecurity Risk Management - (250000JG) Who We Are Hyundai Capital America offers a wide range of financial products through Hyundai Motor Finance, Genesis Finance, and Kia Finance. We provide vehicle financing, leasing, subscription, and insurance solutions to over 2 million consumers and businesses. We strive to reimagine the customer and dealer experience and launch innovative new products that broaden our market reach. Hyundai Capital America is an Equal Opportunity Employer committed to creating a diverse and inclusive culture for our workforce. We Take Care of Our People Medical, Dental and Vision plans with no-cost and low-cost options Immediate 401(k) matching and vesting Vehicle purchase and lease discounts plus monthly vehicle allowances Paid Volunteer Time Off with company donation to a charity of your choice What to Expect The Sr. Manager, Cybersecurity Risk Management will oversee the organizations security risk posture, proactively identifying, assessing, and mitigating risks that could impact business operations, financial stability, and regulatory compliance. This role requires a deep understanding of financial industry regulations and the evolving threat landscape, ensuring the organizations cybersecurity strategy is resilient and forward-thinking. In addition, this role oversees the security posture of our external vendors and partners to ensure alignment with our cybersecurity policies, regulatory requirements, and risk mitigation strategies. What You Will Do Develop and execute a cybersecurity risk management framework aligned with business objectives and regulatory requirements. Conduct security risk assessments, threat modeling, and impact analyses to identify vulnerabilities across systems and processes. Establish security risk metrics and reporting mechanisms to communicate cybersecurity effectiveness and provide actionable insights to executives and stakeholders. Manage governance around third-party cybersecurity risks, ensuring compliance with security standards. Lead, mentor, and develop team members by providing direction, performance feedback, and support to ensure effective collaboration, professional growth, and achievement of organizational and personal goals. Qualifications What You Will Bring Minimum 8 years of experience in cybersecurity governance, risk management, or compliance within financial services. Three years of supervisory experience. Bachelors or Masters degree in Cybersecurity, Information Security, Risk Management, or a related field. Certifications such as CISSP, CISM, CRISC, CGEIT, and ITIL are highly desirable. Strong knowledge of Information Security risk management frameworks, Governance, Risk, and Compliance processes, IT general controls (e.g. asset classification, risk assessments, vulnerability and threat analysis, risk treatment, audit controls and remediation, vendor risk management, and IT risk management & reporting). Strong knowledge of Information Security & Risk Frameworks including ISO 27001/2, ISO 31000:2009, ISO 27005:2008; NIST Special Publications and Methodologies (e.g. SP800-12, 30, 37, 39, 53, 55, 161). Working knowledge of California Consumer Privacy Act (CCPA), Gramm-Leach-Bliley Act (GLBA), NYDFS Cybersecurity Regulation, PCI-DSS, FFIEC, SOX, and other relevant laws and regulations. Strong understanding of financial regulatory frameworks and cybersecurity best practices. Excellent leadership and stakeholder management skills. Ability to communicate complex security concepts to business leaders and technical teams. Employees in this class are subject to extended periods of sitting, standing and walking, and using a computer. Work is performed in an office environment. The posted salary range for this job takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; geographic location, and other business and organizational needs. Successful candidates may be hired anywhere in the salary range based on these factors. It is uncommon to hire candidates at or near the top of the range. This notice only applies to our applicants who reside in the State of California. The latest version of our Privacy Policy can be found here. This Privacy Policy provides you with notice, at or before the point of collection, about the categories of personal information to be collected from you, the purposes for which your personal information is collected or used, and whether that information is sold or shared, so that you can exercise meaningful control over our use of your personal information. We are providing this notice to comply with the California Consumer Privacy Act of 2018, as amended by the California Privacy Rights Act of 2020 (CCPA). If you have any questions about CCPA regarding California residents or HCA team members, please contact the Privacy Team at Privacy2@hcs.com #J-18808-Ljbffr
Sr. Manager, Cybersecurity Risk Management - (250000JG) Who We Are Hyundai Capital America offers a wide range of financial products through Hyundai Motor Finance, Genesis Finance, and Kia Finance. We provide vehicle financing, leasing, subscription, and insurance solutions to over 2 million consumers and businesses. We strive to reimagine the customer and dealer experience and launch innovative new products that broaden our market reach. Hyundai Capital America is an Equal Opportunity Employer committed to creating a diverse and inclusive culture for our workforce. We Take Care of Our People Medical, Dental and Vision plans with no-cost and low-cost options Immediate 401(k) matching and vesting Vehicle purchase and lease discounts plus monthly vehicle allowances Paid Volunteer Time Off with company donation to a charity of your choice What to Expect The Sr. Manager, Cybersecurity Risk Management will oversee the organizations security risk posture, proactively identifying, assessing, and mitigating risks that could impact business operations, financial stability, and regulatory compliance. This role requires a deep understanding of financial industry regulations and the evolving threat landscape, ensuring the organizations cybersecurity strategy is resilient and forward-thinking. In addition, this role oversees the security posture of our external vendors and partners to ensure alignment with our cybersecurity policies, regulatory requirements, and risk mitigation strategies. What You Will Do Develop and execute a cybersecurity risk management framework aligned with business objectives and regulatory requirements. Conduct security risk assessments, threat modeling, and impact analyses to identify vulnerabilities across systems and processes. Establish security risk metrics and reporting mechanisms to communicate cybersecurity effectiveness and provide actionable insights to executives and stakeholders. Manage governance around third-party cybersecurity risks, ensuring compliance with security standards. Lead, mentor, and develop team members by providing direction, performance feedback, and support to ensure effective collaboration, professional growth, and achievement of organizational and personal goals. Qualifications What You Will Bring Minimum 8 years of experience in cybersecurity governance, risk management, or compliance within financial services. Three years of supervisory experience. Bachelors or Masters degree in Cybersecurity, Information Security, Risk Management, or a related field. Certifications such as CISSP, CISM, CRISC, CGEIT, and ITIL are highly desirable. Strong knowledge of Information Security risk management frameworks, Governance, Risk, and Compliance processes, IT general controls (e.g. asset classification, risk assessments, vulnerability and threat analysis, risk treatment, audit controls and remediation, vendor risk management, and IT risk management & reporting). Strong knowledge of Information Security & Risk Frameworks including ISO 27001/2, ISO 31000:2009, ISO 27005:2008; NIST Special Publications and Methodologies (e.g. SP800-12, 30, 37, 39, 53, 55, 161). Working knowledge of California Consumer Privacy Act (CCPA), Gramm-Leach-Bliley Act (GLBA), NYDFS Cybersecurity Regulation, PCI-DSS, FFIEC, SOX, and other relevant laws and regulations. Strong understanding of financial regulatory frameworks and cybersecurity best practices. Excellent leadership and stakeholder management skills. Ability to communicate complex security concepts to business leaders and technical teams. Employees in this class are subject to extended periods of sitting, standing and walking, and using a computer. Work is performed in an office environment. The posted salary range for this job takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; geographic location, and other business and organizational needs. Successful candidates may be hired anywhere in the salary range based on these factors. It is uncommon to hire candidates at or near the top of the range. This notice only applies to our applicants who reside in the State of California. The latest version of our Privacy Policy can be found here. This Privacy Policy provides you with notice, at or before the point of collection, about the categories of personal information to be collected from you, the purposes for which your personal information is collected or used, and whether that information is sold or shared, so that you can exercise meaningful control over our use of your personal information. We are providing this notice to comply with the California Consumer Privacy Act of 2018, as amended by the California Privacy Rights Act of 2020 (CCPA). If you have any questions about CCPA regarding California residents or HCA team members, please contact the Privacy Team at Privacy2@hcs.com #J-18808-Ljbffr