Cybersecurity Risk Manager
Hyundai Capital, Irvine, CA, United States
Cybersecurity Risk Manager (2600001U)
Job Description
Who We Are Through our service brands Hyundai Motor Finance, Genesis Finance, and Kia Finance, Hyundai Capital America offers a wide range of financial products tailored to meet the needs of Hyundai, Genesis, and Kia customers and dealerships. We provide vehicle financing, leasing, subscription, and insurance solutions to over 3 million consumers and businesses. Embodying our commitment to grow, innovate, and diversify, we strive to reimagine the customer and dealer experience and launch innovative new products that broaden our market reach. We believe that success comes from within and are proud to support our team members through skill development and career advancement. Hyundai Capital America is an Equal Opportunity Employer committed to creating a diverse and inclusive culture for our workforce. We are a values‑driven company dedicated to supporting both internal and external communities through volunteering, philanthropy, and the empowerment of our Employee Resource Groups. Together, we strive to be the leader in financing freedom of movement.
We Take Care of Our People
Medical, dental, and vision plans with no‑cost and low‑cost options
Annual employer HSA contribution
401(k) matching and immediate vesting
Vehicle purchase and lease discounts, plus monthly vehicle allowances by job level:
Associate / Sr. Associate: $350
Director: $800
Executive Director: $900
VP or Above: $1,000
100% employer‑paid life and disability insurance
No‑cost health and wellbeing programs, including a gym benefit
Six weeks of paid parental leave
Paid Volunteer Time Off, plus a company donation to a charity of your choice
What to Expect The Cybersecurity Risk Manager is responsible for identifying and mitigating security risks associated with software development and deployment throughout the Software Development Life Cycle (SDLC). This role will enforce security policies, ensure security requirement alignment, and perform security risk assessments.
What You Will Do
Conduct security risk assessments, threat modeling, and impact analyses to identify vulnerabilities across HCA internal utilized solutions, systems, applications and processes.
Participate in the cybersecurity risk management framework to align with business objectives and regulatory requirements.
Maintain security risk metrics by tracking Key Risk Indicators (KRIs) and Key Performance Indicators (KPIs), along with reporting mechanisms to communicate cybersecurity effectiveness.
Participate and assist with governance around internal cybersecurity risks, ensuring compliance with internal security policies and regulatory requirements.
Qualifications What You Will Bring
Minimum 5‑7 years’ progressive experience in cybersecurity governance, risk management, or compliance with an understanding of security risk management, the system development life cycle (SDLC), and the evolving threat landscape.
Bachelor’s or Master’s degree in Cybersecurity, Information Security, Risk Management or a related field.
Certifications such as CISSP, CISM, CRISC, CGEIT, CISA, and ITIL are highly desirable.
Strong knowledge of Information Security risk management frameworks, Governance, Risk, and Compliance process, IT general controls (e.g. asset classification, risk assessments, vulnerability and threat analysis, risk treatment, audit controls and remediation, vendor risk management, and IT risk management & reporting).
Strong knowledge of Information Security & Risk Frameworks including ISO 27001/2, ISO 31000:2018, ISO 270052022; NIST Special Publications and Methodologies (e.g. SP800‑12, 30, 37, 39, 150, 161).
Working knowledge of California Consumer Privacy Act (CCPA), Gramm‑Leach‑Bliley Act (GLBA), NYDFS Cybersecurity Regulation, PCI‑DSS, FFIEC, SOX, and other relevant laws and regulations.
Strong understanding of financial regulatory frameworks and cybersecurity best practices.
Intermediate skills with Microsoft Office Suite, including Word, Excel and PowerPoint.
Ability to communicate complex security concepts to business leaders and technical teams.
Proven ability to assess risk, interpret security findings, and provide strategic guidance.
Exceptional attention to detail and quality.
Ability to work autonomously and in a team environment.
Excellent verbal and written communication, including presentation skills.
Excellent interpersonal skills to successfully collaborate with cross‑functional departments.
Strong orientation toward results coupled with reputation for integrity, creativity and good judgment.
Must have the ability to challenge, when appropriate, existing practices.
Employees in this class are subject to extended periods of sitting, standing, and walking, vision to monitor and moderate noise levels. Work is performed in an at home and office environment.
The posted salary range for this job takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; geographic location, and other business and organizational needs. Successful candidates may be hired anywhere in the salary range based on these factors. It is uncommon to hire candidates at or near the top of the range.
This notice only applies to our applicants who reside in the State of California.
#J-18808-Ljbffr
Who We Are Through our service brands Hyundai Motor Finance, Genesis Finance, and Kia Finance, Hyundai Capital America offers a wide range of financial products tailored to meet the needs of Hyundai, Genesis, and Kia customers and dealerships. We provide vehicle financing, leasing, subscription, and insurance solutions to over 3 million consumers and businesses. Embodying our commitment to grow, innovate, and diversify, we strive to reimagine the customer and dealer experience and launch innovative new products that broaden our market reach. We believe that success comes from within and are proud to support our team members through skill development and career advancement. Hyundai Capital America is an Equal Opportunity Employer committed to creating a diverse and inclusive culture for our workforce. We are a values‑driven company dedicated to supporting both internal and external communities through volunteering, philanthropy, and the empowerment of our Employee Resource Groups. Together, we strive to be the leader in financing freedom of movement.
We Take Care of Our People
Medical, dental, and vision plans with no‑cost and low‑cost options
Annual employer HSA contribution
401(k) matching and immediate vesting
Vehicle purchase and lease discounts, plus monthly vehicle allowances by job level:
Associate / Sr. Associate: $350
Director: $800
Executive Director: $900
VP or Above: $1,000
100% employer‑paid life and disability insurance
No‑cost health and wellbeing programs, including a gym benefit
Six weeks of paid parental leave
Paid Volunteer Time Off, plus a company donation to a charity of your choice
What to Expect The Cybersecurity Risk Manager is responsible for identifying and mitigating security risks associated with software development and deployment throughout the Software Development Life Cycle (SDLC). This role will enforce security policies, ensure security requirement alignment, and perform security risk assessments.
What You Will Do
Conduct security risk assessments, threat modeling, and impact analyses to identify vulnerabilities across HCA internal utilized solutions, systems, applications and processes.
Participate in the cybersecurity risk management framework to align with business objectives and regulatory requirements.
Maintain security risk metrics by tracking Key Risk Indicators (KRIs) and Key Performance Indicators (KPIs), along with reporting mechanisms to communicate cybersecurity effectiveness.
Participate and assist with governance around internal cybersecurity risks, ensuring compliance with internal security policies and regulatory requirements.
Qualifications What You Will Bring
Minimum 5‑7 years’ progressive experience in cybersecurity governance, risk management, or compliance with an understanding of security risk management, the system development life cycle (SDLC), and the evolving threat landscape.
Bachelor’s or Master’s degree in Cybersecurity, Information Security, Risk Management or a related field.
Certifications such as CISSP, CISM, CRISC, CGEIT, CISA, and ITIL are highly desirable.
Strong knowledge of Information Security risk management frameworks, Governance, Risk, and Compliance process, IT general controls (e.g. asset classification, risk assessments, vulnerability and threat analysis, risk treatment, audit controls and remediation, vendor risk management, and IT risk management & reporting).
Strong knowledge of Information Security & Risk Frameworks including ISO 27001/2, ISO 31000:2018, ISO 270052022; NIST Special Publications and Methodologies (e.g. SP800‑12, 30, 37, 39, 150, 161).
Working knowledge of California Consumer Privacy Act (CCPA), Gramm‑Leach‑Bliley Act (GLBA), NYDFS Cybersecurity Regulation, PCI‑DSS, FFIEC, SOX, and other relevant laws and regulations.
Strong understanding of financial regulatory frameworks and cybersecurity best practices.
Intermediate skills with Microsoft Office Suite, including Word, Excel and PowerPoint.
Ability to communicate complex security concepts to business leaders and technical teams.
Proven ability to assess risk, interpret security findings, and provide strategic guidance.
Exceptional attention to detail and quality.
Ability to work autonomously and in a team environment.
Excellent verbal and written communication, including presentation skills.
Excellent interpersonal skills to successfully collaborate with cross‑functional departments.
Strong orientation toward results coupled with reputation for integrity, creativity and good judgment.
Must have the ability to challenge, when appropriate, existing practices.
Employees in this class are subject to extended periods of sitting, standing, and walking, vision to monitor and moderate noise levels. Work is performed in an at home and office environment.
The posted salary range for this job takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; geographic location, and other business and organizational needs. Successful candidates may be hired anywhere in the salary range based on these factors. It is uncommon to hire candidates at or near the top of the range.
This notice only applies to our applicants who reside in the State of California.
#J-18808-Ljbffr