Sr. Information Security Compliance Manager
Sr. Information Security Compliance Manager
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Job Description
Who We Are
Through our service brands Hyundai Motor Finance Genesis Finance and Kia Finance Hyundai Capital America offers a wide range of financial products tailored to meet the needs of Hyundai Genesis and Kia customers and dealerships. We provide vehicle financing leasing subscription and insurance solutions to over 2 million consumers and businesses. Embodying our commitment to grow innovate and diversify we strive to reimagine the customer and dealer experience and launch innovative new products that broaden our market reach. We believe that success comes from within and are proud to support our team members through skill development and career advancement. Hyundai Capital America is an Equal Opportunity Employer committed to creating a diverse and inclusive culture for our workforce. We are a values-driven company dedicated to supporting both internal and external communities through volunteering philanthropy and the empowerment of our Employee Resource Groups. Together we strive to be the leader in financing freedom of movement.
We Take Care of Our People
Along with competitive pay as an employee of HCA you are eligible for the following benefits:
Medical Dental and Vision plans that include no-cost and low-cost plan options
Immediate 401(k) matching and vesting
Vehicle purchase and lease discounts plus monthly vehicle allowances
Paid Volunteer Time Off with company donation to a charity of your choice
Tuition reimbursement
What to Expect
The Sr. Information Security Compliance Manager will lead and act as the key point of contact regarding Korean SOX (KSOX) activity for Information Protection Department (IPD). In addition this role is responsible to develop manage and support internal/external risk assessment programs policy exceptions and audit remediation execution and align IPD risk management activities with business objectives and risk tolerance; identify and mitigate potential risks through threat analysis; and supports initiatives for HCA global standards and compliance.
What You Will Do
1. Manage the execution of IPD KSOX Test of Design (TOD) and Test of Effectiveness (TOE) Project Plans. Evaluate Test documentation & conclusion and document test results in a testing template.
2. Ensure IPD process and/or control is accurate and report exceptions to IPD Control Owner for further actions. Update the IPD Risk Control Matrix (RCM) for new control information. Regularly perform KSOX Control Attestation with documentation of accurate controls.
4. Work with KSOX Office as IPD key contact for external auditor testing coordinate to determine remediation plans as required. Incorporate guidance from KSOX Office into tests or gap remediation plans.
5. Assist with the execution of Information Security Risk Management initiatives (including IT Operation Risk Assessments IT System Risk Assessments Cloud Application Risk Assessments and Vulnerability Risk Assessments).
What You Will Bring
Minimum 8 years progressive experience in General ITGC Auditing Sarbanes-Oxley (SOX) and GAAP Financial Auditing is required.
Solid understanding of SOX requirements risk frameworks and control audit concepts.
Project Management experience and Information Technology industry experience preferred.
Bachelors degree preferably in Computer Science Information Security IT or other related area of study or equivalent experience.
One of the following: CISSP CISM CISA ITIL or other related information security certification is required.
Information Security Risk Management Governance and Compliance process and knowledge (e.g. asset classification risk assessments vulnerability and threat analysis risk treatment audit controls and remediation vendor risk management and IT risk management & reporting).
Working knowledge of Information Security & Risk Frameworks including ISO 27001/2 ISO 31000:2009 ISO 27005:2008; NIST Special Publications and Methodologies (e.g. SP800-).
Working knowledge of Gramm-Leach-Bliley Act (GLBA) NYDFS Cybersecurity Regulation or other related regulatory requirements.
Inter-Department collaboration business requirement alignment project management and policy compliance with business process mapping.
IT General Controls IT Frameworks ERP systems Process Management Risk Management Accounting Systems Analytical Tools and Financial Systems.
Excellent verbal and written communication skills with demonstrated ability to present persuasive ideas.
Strong MS Office skills strong analytical and problem-solving abilities.
Excellent communication and interpersonal skills.
Ability to work collaboratively with cross-functional teams.
Work Environment
Employees in this class are subject to extended periods of sitting standing and walking vision to monitor and moderate noise levels. Work is performed in an office environment.
The posted salary range for this job takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; geographic location and other business and organizational needs. Successful candidates may be hired anywhere in the salary range based on these factors. It is uncommon to hire candidates at or near the top of the range.
California Privacy Notice
This notice only applies to our applicants who reside in the State of California.
If you have any questions about CCPA regarding California residents or HCA team members please contact the Privacy Team at .
Required Experience:
Manager
Employment Type
Full-Time
