Manager, IT Cyber Security

Manager, IT Cyber Security

Hyundai MOBIS Parts America

• Location: Fountain Valley, CA
• Employment Type - Exempt, Annual Salary
• Compensation - The expected hiring range for this position is $120,000.00 - 145,000.00, depending on experience and qualifications.
• Travel: Minimal travel required, including occasional trips to local warehouses
• Schedule: Typically 8 hours per day Monday through Friday, (Weekend and after-hours support required for operations issues, project launches, and other initiatives as needed)

Who We Are:

Hyundai Mobis Parts America is a company of the Hyundai Motor Group responsible for the development, production, and distribution of Service Parts and Accessories for all Hyundai and Kia brand vehicles. Within North America and Mexico, Mobis Parts America operates 17 distribution centers and associated transportation networks warehousing and shipping product to all Hyundai and Kia Dealerships within USA, Canada, and Mexico as well as South/Central American Distributors.

Job Overview:

Under the leadership of the Head of IT Operations & Systems, the Manager IT Cyber Security is responsible for overseeing and managing the cybersecurity architecture ensuring the protection of the company’s information systems, networks, and data. This role will develop and implement security policies, monitor for vulnerabilities, and respond to security incidents. Additionally, this position will be responsible for managing user access controls and account support, ensuring proper access management and compliance with security protocols. The Manager of Cyber Security will work closely with analysts, other IT and business teams, and business departments to align security efforts with business goals and compliance requirements.

Collaboration with IT and Business Units

• Coordinate with HR to define and manage the components of comprehensive security policies and procedures for the company
• Collaborate with other IT functions (e.g., network security, application security, and infrastructure) to integrate security controls and ensure that all security measures are embedded into systems and processes.
• Work with business units to understand security requirements, ensuring that security measures do not negatively impact business operations.

Responsibilities:

Cyber Security Program Management

• Lead the company’s cyber security initiatives, ensuring policies, procedures, and practices align with industry best practices and organizational goals.
• Manage the overall security posture, ensuring the protection of networks, systems, and data from unauthorized access, cyber-attacks, and data breaches.
• Develop and enforce security policies and procedures to mitigate risks, prevent incidents, and ensure compliance with regulatory requirements (e.g., GDPR, HIPAA, PCI-DSS).

Risk Management and Compliance

• Assess and manage cybersecurity risks across the organization, helping business units identify and mitigate risks related to IT systems, networks, and data.
• Architects, plans, configures, deploys, maintains, and upgrades toolsets to address vulnerabilities and/or implement security controls
• Work closely with compliance teams to ensure that security practices align with relevant industry standards and legal requirements.
• Conduct regular security audits and ensure that the organization maintains certifications as well as complies with internal and external reporting and audit requirements.

Incident Response and Management

• Lead the incident response process, from detection to mitigation, ensuring minimal impact on operations.
• Conduct root cause analysis and manage remediation efforts after security incidents or breaches.
• Prepare detailed incident reports for senior management and ensure that lessons learned are applied to improve future defenses.

Security Operations and Monitoring

• Monitor security alerts and events from a variety of sources, including security information and event management (SIEM) systems, firewalls, intrusion detection systems (IDS/IPS), and antivirus solutions.
• Respond to security events and incidents in a timely and effective manner, escalating when necessary.
• Conduct vulnerability assessments and penetration tests, working with the team to resolve any security gaps identified.

Security Awareness and Training

• Develop and deliver training programs for employees on security best practices, including phishing awareness, secure password management, and handling sensitive data.
• Promote a culture of security awareness across the organization, ensuring all employees understand their role in maintaining security.

Account Support and Systems Access Management

• Oversee and manage the process of user account creation, modification, and deactivation across applications, systems, and platforms.
• Collaborate with HR and other departments to manage user access based on role changes, promotions, or terminations.
• Ensure that all systems have proper access controls and are in compliance with security policies and regulatory requirements.
• Implement role-based access controls (RBAC) and least privilege principles to restrict unauthorized access to sensitive information.
• Monitor and review user access logs and permissions regularly to ensure proper access management and identify any anomalies or unauthorized access attempts.
• Ensure timely resolution of account access issues for employees, contractors, and third-party vendors.

Key Performance Indicators

• Security system installation and application target
• Reduction in security incidents and breaches
• Percentage of security incidents resolved within SLA
• Mean time to detect (MTTD) and mean time to respond (MTTR) to incidents
• Percentage of compliance with security frameworks and regulations
• Number of accounts created, modified, or deactivated according to policy
• Percentage of user access reviews completed on time
• Number of users trained on security awareness programs
• Regular security audits and vulnerability scans completed on time
• Risk assessments and mitigation strategies implemented successfully

Work Environment

• This position is primarily a professional, office-based job, including use of phones, computers, printers, copy machines, etc.
• Occasional work in industrial environment such as distribution centers required

Physical Demands

• Ability to work at a desk for long periods
• Verbal interactions both in-person and online
• Some lifting may be required.

Required Qualifications

Education

• Bachelor's degree in Computer Science, Information Technology, Information Security, or related field (Master’s preferred).

Overall Related Experience & Preferred Skills

• 10 years of experience in Cyber Security or IT Security.
• 2 years in a management role.
• Experience with SIEM tools, firewalls, IDS/IPS, endpoint protection, and access control systems.
• Experience with vulnerability management, penetration testing, and incident response.
• Proven experience with managing user access and account support, including role-based access control (RBAC) and least privilege access management.

Certifications

• CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager), CEH (Certified Ethical Hacker), or similar is preferred.

Skills

• Knowledge of security frameworks such as NIST, ISO 27001, and CIS Controls.
• Strong understanding of networking protocols, web application security, and cloud security.
• Familiarity with security tools (e.g., Splunk, Wireshark, Nessus, Qualys, Palo Alto Networks, Fortinet).
• Ability to analyze and remediate security vulnerabilities across networks, applications, and systems.
• Exceptional communication and interpersonal skills (both written and verbal), with the ability to work effectively with technical and non-technical stakeholders.
• Competency in standard Microsoft applications including Word, Excel, Access, Powerpoint and Outlook.
• Excellent planning, organizational, and time management skills.
• Ability to escalate issues and communicate status to stakeholders
• Ability to work independently and collaborate within other business units
• Strong problem-solving and analytical skills with attention to detail.

Hyundai Mobis Parts America - Benefits

We offer a competitive benefits package for full-time employees which include:

• Medical, Dental, and Vision
• 401K with employer matching
• Tuition Reimbursement
• Paid Vacation, Paid Sick Days and Paid Holidays
• Company Discounts & more!

Our company provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability or genetics.

Job Type: Full-time

Pay: $120,000.00 - $145,000.00 per year

Benefits:

• 401(k)
• 401(k) matching
• Dental insurance
• Employee assistance program
• Employee discount
• Flexible spending account
• Health insurance
• Health savings account
• Life insurance
• Paid time off
• Tuition reimbursement
• Vision insurance

Schedule:

• 8 hour shift
• Monday to Friday

Application Question(s):

• Do you require visa sponsorship as part of your employment?

Experience:

• Cybersecurity: 10 years (Required)
• Supervising: 2 years (Required)
• SIEM Tools: 2 years (Required)
• Security frameworks: 10 years (Required)

License/Certification:

• CISSP, CISM or CEH Certification (Required)

Ability to Commute:

• Fountain Valley, CA 92708 (Required)

Ability to Relocate:

• Fountain Valley, CA 92708: Relocate before starting work (Required)

Work Location: In person

Salary : $120,000 - $145,000