Manager, Information Security Risk Mgmt II in Newport Beach, CA at Hyundai Capital America

Date Posted: 5/24/2018

Job Description

General Summary

The Manager, Information Security Risk Mgmt II develops, manages, and supports internal/external risk assessment programs, vendor assessment programs, policy exceptions, and audit remediation execution. Aligns InfoSec risk management activities with business objectives and risk tolerance; identifies and mitigates potential risks through threat analysis; and supports initiatives for HCA global standards and compliance. The person in this position will excel at building stakeholder partnerships, exercising sound judgment, and learning agility.

Duties and Responsibilities

Lead the Cybersecurity regulatory programs and initiatives to support business objectives and manage risks to an acceptable level.

Assist with the execution of Risk Management initiatives (including Identity and Access Management, Vulnerability Management and Vendor Risk Management).

Develop and execute Risk Assessments and Analysis initiatives including the design and integration of solutions for risk assessments (internal or external assessments).

Develop and execute programs and processes to ensure compliance with the Global Governance Policy.  Collaborate with global counterparts to ensure alignment.

Manage Audit Remediation initiatives across the infrastructure and information systems to satisfy compliance requirements and manage risks to an acceptable level.

Perform all other duties as assigned.

Knowledge and Skills

Knowledge of Information Risk Management and Compliance tasks and reporting (e.g. asset classification, risk assessments, vulnerability and threat analysis, risk treatment, audit controls and remediation, vendor risk management, and risk monitoring).

Working knowledge of Information Security & Risk Frameworks including ISO 27001/2, ISO 31000:2009, ISO 27005:2008; NIST Special Publications and Methodologies (e.g. SP800-12, 30, 37, 39, 150, 161).

Working knowledge of Gramm-Leach-Bliley Act (GLBA), NYDFS Cybersecurity Regulation, Sarbanes-Oxley Act (SOX), Payment Card Industry (PCI), or other related regulatory requirements.

Inter-Department collaboration, business requirement alignment orchestration, and business process mapping.

Excellent verbal and written communication skills with strong ability to present persuasive ideas.


Education and Experience

Bachelor’s degree preferably in Computer Science, Information Security, IT, or other related area of study.

6 – 8 years progressive experience in information security is required. 10 years progressive experience in information technology/security overall is required.

CISSP, CISM, CISA, ITIL, or other related information security certification is required.

Project management experience and financial industry experience preferred.

Physical Requirements and Working Condition

Employees in this class are subject to extended periods of sitting, standing and walking, vision to monitor, and moderate noise levels. Work is performed in an office environment.


Primary Location:  United States-California-Newport Beach
Work Locations:  
Headquarters 2 (HCA_HQ2)
4000 MacArthur Blvd. Ste 1000 West Tower
Newport Beach, 92660


Job:  Information Protection
Job Type:  Regular
Job Level:  Manager with Direct Reports
Schedule:  Full-time
Job Posting:  Apr 6, 2018