14 days old

Senior Group Manager, Enterprise Cybersecurity

Hyundai Motor America
Fountain Valley, CA 92708
  • Job Code
    11035

At Hyundai, weve rethought our business and created cars that combine performance, quality, design and innovation into a complete package.

Its time you rethink what you expect from an employer.

At Hyundai, we understand you're not just building a career you're building a life. We believe in our people and realize that our success is a direct result of our commitment in offering you great opportunities for your career. If you would enjoy working in a dynamic environment and are looking for a chance to become part of a stellar team of professionals, we invite you to apply online today.




Purpose:



~Senior Group Manager, Enterprise Cybersecurity is responsible for establishing and deploying the overall Hyundai Motor America (HMA) and Genesis Motor America (GMA) enterprise-wide IT Cybersecurity initiatives. The position resides within HMNAs (Hyundai Motor North America) Digital Business Planning (DBP) and Connected Ops department. This role is expected to be the overall enterprise security leader working with the guidance of the HMA Privacy Office leads, related global HQ groups, and cooperating with other Hyundai groups such as HAEA (Hyundai AutoEver America). Strong business acumen will be critical in articulating to company executives. Also, collaborating with company and affiliated business groups the cybersecurity strategies, methods and tactics required for related policies and procedures. In addition, a strong IT Cybersecurity background with project development and implementation is needed. Success will require sophisticated process, technology and project management skills, as well as strong analytical, communication and process documentation skills. Finally, it will require the ability to lead stakeholders while driving issues and/or programs to closure.





Major Responsibilities:



~Incident Response Process (IRP):



~ Lead the Cybersecurity Incident Response team for initial event triage



~ For low and medium ranked events, the position will analyze data, coordinate Incident Response Team until issue is closed



~ For high and critical ranked events, the position will support the Privacy Office-led Incident Response team activities



~ Coordinate and maintain log assessments and orchestrate IRP next steps



~ Co-develop incident response policy with the Privacy team



~ Monitor external IT landscape for cyber events that may impact HMA/GMA business. Notify stakeholders, initiate IRP, act as the IRP facilitator until issue is deemed closed



~ Coordinate incident response with Vehicle Cyber Incident Response team for vehicle related incident management



~ Manage both HMA and GMA Vulnerability Disclosure Programs



~ Perform annual incident response tabletop exercises





~ Monitor HAEAs Incident Response Process to ensure alignment to HMA/GMAs Incident Response Process





Projects (Project Management and GRC-related Functions):



~ Act as the project cybersecurity consult, via HMA/GMAs internal project assessment tool (PriSMA), to include Vendor Risk Assessments, penetration testing assessments, data and architecture review assessments



~ Review and provide input to program SOW, SOS, and other business contractual agreements for cybersecurity verbiage inclusion



~ Coordinate with Vehicle Cyber lead, Digital Business Planning & Connected Ops, Marketing, Sales, Service, Purchasing, Legal, Hyundai Motor Group affiliates, HAEA cybersecurity teams for 3rd Party policies and procedures



~ Coordinate with HAEA on review and remediation of attack and penetration testing results. Ensure alignment with HMAs expectations



~ Coordinate with HAEA on periodic review of security architecture. Ensure alignment with HMAs expectations



~ Coordinate and monitor HAEAs cybersecurity assessments. Ensure alignment with expectations



~ Follow up with HMA/GMA and HAEA teams for cybersecurity assessment issues found



~ Lead teams though audits and gap remediation



~ Review and update HAEA contractual agreements



~ Oversee and guide Hyundai AutoEver Americas alignment to industry best practices and regulations



~ Guide and coordinate with HMA/GMA Purchasing, Privacy & Legal for 3rd party RFP and contractual agreements



~ Collaborate with Privacy to conduct audits and/or tabletop simulations to confirm alignment to industry standards and/or meet industry regulations



~ Develop risk mitigation strategies and enterprise-wide security programs related to web/mobile apps



~ Develop risk mitigation strategies for physical building cybersecurity related to HMA/GMA/HMNA headquarters and other remote office locations



~ For all areas of responsibility, develop the cybersecurity business plans, resource plan and budgets



~ Oversee and monitor HAEA security program list. Identify and prioritize cybersecurity security projects per HMA/GMAs needs



~ Ensure HAEA cybersecurity projects consider HMA/GMA operational needs



~ Manage cybersecurity metrics related to various programs, ensure SLAs on both HMA/GMA and HAEA are being met



~ Manage the approved resources to achieve appropriate performance levels: consulting budgets, outsourced project teams, temps, employees



~ Collaborate with North American Hyundai affiliates for lessons learned and best practices





Policy & Procedures:



~ Develop HMA/GMAs IT cybersecurity Policies and Procedures considering HMA/GMAs use-cases



~ Minimally, perform annual review of IT cybersecurity Policies and Procedures and HMA Employee Handbook



~ Assess HAEA Policies and Procedures for relevancy to HMA/GMA use-cases and compliance with applicable statute, regulations, industry standards, and self-regulatory frameworks



~ Oversee programs to educate employees and contractors on cybersecurity awareness



~ Lead company cybersecurity awareness seminars and training



~ Collaborate with HMA/GMA HR to monitor employee and contractor alignment to training and policy adherence





Authority:



~ This position reports to the Executive Director, Digital Business Planning and Connected Ops.



~ This position is expected to be the primary SME for IT Cybersecurity working under the authority of the HMA/GMA Executive Committee, IT Steering Committee, and Executive Director Digital Business Planning and Connected Ops. Provide critical thinking to propose ideas or solutions that are in the best interest for the HMA/GMA organization. Hiring, termination approving timecards and other Manager related duties may be required for this position depending on level of resources/headcount authorized.



~ This position will also require the individual to take the initiative to manage objectives to closure with related stakeholders, while updating management in the appropriate time & manner.





Education:



~ Must be a high school graduate.



~ Bachelors degree required.



~ Masters degree a plus.





Related Experience:





~ Ten years of similar experience in a complex organization conducting planning, process consulting and policy and procedure development and deployment.



~ Ten years of experience in IT strategy development, operation, implementation.



~ Experience in cybersecurity governance risk and compliance development with planning to drive issues to closure



~ Experience in leading IT incident response teams



~ Experience in Cybersecurity Project management: Project plan creation, implementation, and lead



~ Experience in Policy and Procedure development and implementation.



~ Experience creating and presenting executive facing presentations and reports.



~ Knowledge and understanding of secure networks, firewalls and intrusion-detection /prevention systems (IDS/IPS)



~ Working knowledge of Consumer Privacy initiatives



~ Experience in 3rd party cybersecurity assessments.





~ Experience in 3rd party cloud cybersecurity controls



~ Expertise or working level understanding of Identity and Access Management, Mobile & Web Application Security, Data Security in storage and transit, Privacy, and threat monitoring



~ Expertise or working level understanding of physical security, not limited to: Wi-Fi networks, computers, mobile devices, badge readers, building utility networks.



~ Experience in the following Standards/Regulations/Best Practices/Frameworks, but not limited to:



ISO 27001/2, 27017/18, 27701, 27035; CCPA / CPRA; PCI-DSS, NIST 800 series: 800-53, 800-61, 800-63; CVSS; CIS Top 20; OWASP Top Ten, COBIT





Skill/Knowledge:



~ Strong skills in process analysis, consulting and documentation.



~ The ability to manage by influence as well as authority.



~ Ability to work on multiple projects and set priorities.



~Ability to develop project plans, operationalize and manage plans.



~ Ability to lead teams from multiple organizations.



~ Ability to assess operational and strategic strengths/weaknesses and make recommendations to leverage or augment.



~ Strong written and oral communication skills.



~ Strong interpersonal skills.





Certification required:





~ Required: One or more of the following certifications:



1. (CISSP) Certified Information Systems Security Professional



2. (CISM) Certified Information Security Manager, 3. (CISA) Certified Information Systems Auditor



4. (GIAC)Global Information Assurance Certification



5. (CRISC) Certified in Risk and Information Systems Control





Physical requirements:



~ Normal office duties.




Our Company adheres to the equal employment opportunity guidelines set forth by federal, state and local laws. The information requested on this form is sought in good faith and will not be used to discriminate against the applicant based on race, religion or creed, color, national origin, ancestry, physical disability, mental disability, medical condition, genetic characteristics, marital status, sex or gender (which includes pregnancy, childbirth, or related circumstances), gender identity, gender expression, age, citizenship, sexual orientation, family care or medical leavestatus, military and veteran status, political affiliation, or any other characteristic protected by federal, state and local laws.







Posted: 2021-09-08 Expires: 2021-10-07
Sponsored by:
ADP Logo
Sponsored by:
Bank of America Logo

Featured Jobs[ View All ]

Featured Employers

Before you go...

Our free job seeker tools include alerts for new jobs, saving your favorites, optimized job matching, and more! Just enter your email below.

Share this job:

Senior Group Manager, Enterprise Cybersecurity

Hyundai Motor America
Fountain Valley, CA 92708

Join us to start saving your Favorite Jobs!

Sign In Create Account
Powered ByCareerCast