What are the responsibilities and job description for the Information Security Risk Manager position at Hyundai Capital America?
Who We Are
Through our service brands Hyundai Motor Finance, Genesis Finance, and Kia Finance, Hyundai Capital America offers a wide range of financial products tailored to meet the needs of Hyundai, Genesis, and Kia customers and dealerships. We provide vehicle financing, leasing, subscription, and insurance solutions to over 2 million consumers and businesses. Embodying our commitment to grow, innovate, and diversify, we strive to reimagine the customer and dealer experience and launch innovative new products that broaden our market reach. We believe that success comes from within and are proud to support our team members through skill development and career advancement. Hyundai Capital America is an Equal Opportunity Employer committed to creating a diverse and inclusive culture for our workforce. We are a values-driven company dedicated to supporting both internal and external communities through volunteering, philanthropy, and the empowerment of our Employee Resource Groups. Together, we strive to be the leader in financing freedom of movement.
We Take Care of Our People
Along with competitive pay, as an employee of HCA, you are eligible for the following benefits:
- Medical, Dental and Vision plans that include no-cost and low-cost plan options
- Immediate 401(k) matching and vesting
- Vehicle purchase and lease discounts plus monthly vehicle allowances
- Paid Volunteer Time Off with company donation to a charity of your choice
- Tuition reimbursement
What to Expect
The Information Security Risk Manager will lead and act as the key point of contact regarding Korean SOX (KSOX) activity for the Information Protection Department (IPD). In addition, this role is responsible for developing, managing, and supporting internal/external risk assessment programs, policy exceptions, and audit remediation execution; aligning IPD risk management activities with business objectives and risk tolerance; identifying and mitigating potential risks through threat analysis; and supporting initiatives for HCA global standards and compliance.
What You Will Do
1. Manage the execution of IPD KSOX Test of Design (TOD) and Test of Effectiveness (TOE) Project Plans. Evaluate test documentation and conclusions, and document test results in a testing template.
2. Ensure each IPD process and/or control is accurate, and report exceptions to the IPD Control Owner for further action. Update the IPD Risk Control Matrix (RCM) with new control information. Regularly perform KSOX Control Attestation with documentation of accurate controls.
3. Report exceptions or control gaps noted in testing to the IPD Control Owner for further action. Submit IPD self-report status on a regular basis. Track exceptions, gaps, or deficiencies and document all remediation plans using the Gap Self-Reporting template per KSOX Office assigned deadlines.
4. Work with the KSOX Office as the IPD key contact for external auditor testing, and coordinate to determine remediation plans as required. Incorporate guidance from the KSOX Office into tests or gap remediation plans.
5. Assist with the execution of Information Security Risk Management initiatives (including IT Operation Risk Assessments, IT System Risk Assessments, Cloud Application Risk Assessments, and Vulnerability Risk Assessments).