This job listing has expired and the position may no longer be open for hire.

Senior Manager, Enterprise Cyber-Security, Business Continuity Planning & Disaster Recovery at Hyundai Motor America

Posted in Management 30+ days ago.

This job brought to you by eQuest

Type: Full-Time
Location: Fountain Valley, California





Job Description:

At Hyundai, we’ve rethought our business and created cars that combine performance, quality, design and innovation into a complete package.

It’s time you rethink what you expect from an employer.

At Hyundai, we understand you're not just building a career – you're building a life. We believe in our people and realize that our success is a direct result of our commitment in offering you great opportunities for your career. If you would enjoy working in a dynamic environment and are looking for a chance to become part of a stellar team of professionals, we invite you to apply online today.

 


Purpose:

~ Senior Manager, Enterprise Cyber-Security, Business Continuity and Disaster Recovery is responsible for establishing and deploying the HMA overall HMA enterprise wide Cyber Security, Business Continuity Planning and Disaster Recovery policies and procedures.  The authority of this role is governed by the HMA Executive Committee, IT Steering Committee and the VP of Corp and Product Planning and Exec Director of Digital Business Planning.  This role is expected to be the coordination leader working with the guidance of the HMA Legal/Privacy lead and related HMC groups as well as with the  cooperation and support of various other HMA internal and affiliated groups (e.g.; vehicle cyber, IT cyber, IT strategy, purchasing, administration, etc.).   This role will also be the Incident Response Lead for low and medium level, cyber, business continuity and disaster recovery events. Strong business acumen will be critical in articulating to HMA executives and collaborating with HMA and affiliated business groups the strategies, methods and tactics required for these types of business policies and procedures.  Success will require sophisticated process, technology and project management skills, as well as strong analytical, communication and process documentation skills. Additionally, it will require the ability to lead stakeholders while driving issues and/or programs to closure.

 

Major Responsibilities:

~ Lead the Cyber-Security Incident Response team for initial event triage, low and medium level events.

~ Oversee HAEA (HAEA is HMA’s IT affiliate) alignment to ISO 270001/2

~ Primary subject matter expert (SME) and developer for Cyber-Security policies and procedures.

~ Chair the committee for developing, gaining approval of and implementing HMA end to end Cyber-Security policies and procedures.

~ Partner with and follow guidance of HMA Privacy office.

~ Guide and coordinate with HMA Vehicle Cyber lead, Hyundai AutoEver America (HAEA) Cyber Principal,  HMA Digital Business Planning & Connected Ops (and other HMA business teams in Planning, Marketing, Sales, Service), Hyundai group affiliates, HMA Purchasing and Legal for 3rd Party policies and procedures.

~ Coordinate with HAEA on review and remediation of attack and penetration testing results.

~ Coordinate with HMA DBP and HAEA on ensuring secure stage gate processes are being followed.

~ Coordinate with HMA Legal in support of e-Discovery.

~ Coordinate with HAEA on periodic review of security architecture.

~ Escalate to and support the Legal/Privacy led Incident Response team for high/critical level events.

~ Collaborate with Legal/Privacy to conduct audits/simulations to test and enhance the Cyber P & Ps.

~ Develop risk mitigation strategies and enterprise-wide security programs.

~ Liaise with HMA Privacy office in selection and retention of forensic research firm(s). Expertise or working level understanding of Identity and Access Management, Application Security, Data Security and Privacy, and Security Monitoring.

~ Knowledge and understanding on the creation/implementation of secure networks, firewalls and intrusion-detection /prevention systems (IDS/IPS).

~ Develop the Business Continuity Planning (BCP) processes and programs that identify and mitigate likely threats/risks to key business operations and resources (people, property, and systems), as well as key internal and external dependencies.

~ Chair the committee for developing, gaining approval of and implementing HMA end to end Business Continuity Planning and Disaster Recovery (DR) policies and procedures. Partner with/follow guidance of HMA legal. Partner with HMA Administration and other HMA business teams in Planning, Marketing, Sales, Service as needed.

~ Guide and coordinate with HMA Purchasing, Legal for 3rd Party RFP and Contract Policies.

~ Guide and coordinate with Hyundai Group affiliates as needed.

~ Partner with HMA Legal and Admin to develop and deploy the Business Continuity Planning / Disaster Recovery Security Incident Response procedure and fulfill the role designated within that procedure.

~ Escalate to and support the Legal led Incident Response team for high/critical level events.

~ Primary subject matter expert (SME) for business continuity planning and disaster recovery.

~ Act as a consultant to assist all necessary HMA and affiliated groups to document core business process.

~ As defined by the BCP/DR plan, provide to HMA Digital Business Planning and HAEA the priority and requirements for IT systems necessary to support business continuity.

~ Lead the audit process for BCP/DR to ensure that policies, procedures and operations are documented and operating as defined in the BCP/DR plan.

~ Lead the annual/adhoc BCP/DR table top and simulation exercises to ensure recoverability. Work closely with HAEA to plan these simulations and coordinate with HMA business teams for support.

~ Oversee Data Loss Prevention objectives meet HMA requirements.

~ Lead company cybersecurity awareness seminars and training.

~ Review and provide input to program SOW, SOS, and other business contractual agreements for cybersecurity verbiage inclusion.

~ For all areas of responsibility, develop the business plans/case, resource plan and budgets and manage the approved resources (e.g.  consulting budgets, outsourced project teams, temps, employees) necessary to achieve appropriate level performance.

 

Authority:

~ This position is expected to be the primary SME for Cyber-Security, Business Continuity and Disaster Recovery working under the authority of the HMA Executive Committee, IT Steering Committee, and VP of Corporate & Product Planning. Provide critical thinking to propose ideas or solutions that are in the best interest for the HMA organization. Hiring, termination approving time cards and other Manager related duties may be required for this position depending on level of resources/headcount authorized.

~ This position will also require the individual to take the initiate to objectives to closure with related stakeholders, while updating management in the appropriate time & manner.

 

Education:

~ Bachelor’s degree required.

~ Master’s degree a plus.

 

Related Experience:

~ Eight years of similar experience in a complex organization conducting planning , process consulting and policy and procedure development and deployment  ( ISO or similar).

~ Five to six years of experience in IT strategy development & operation.

~ Strong background in cybersecurity compliance development and oversight (GRC).

~ Strong background in cybersecurity program management (strategy/planning/schedule development/ RACI)

~ Management consulting a plus.

~ Experience creating and presenting executive facing presentations and reports.

~ Working knowledge of Consumer Privacy initiatives.

~ Cybersecurity policy development

 

Skill/Knowledge:

~ Strong skills in process analysis, consulting and documentation.

~ The ability to manage by influence as well as authority.

~ Ability to work on multiple projects and set priorities.

~ Ability to assess operational and strategic strengths/weaknesses and make recommendations to leverage or augment.

~ Strong written and oral communication skills.

~ Strong interpersonal skills.

~ Strong cybersecurity project management and implementation based upon developed plans and RACI

~ Strong Visio, Excel, Word skills

 

Certification required:

~ Required: One or more of the following certifications:

1. (CISSP) Certified Information Systems Security Professional

2. (CISM) Certified Information Security Manager, 3. (CISA) Certified Information Systems Auditor

4. (GIAC)Global Information Assurance Certification

5. (CRISC) Certified in Risk and Information Systems Control

6. (CCIE) Cisco Certified Internetwork Expert

7. (CCNP) Cisco Certified Network Professional

 

Physical requirements:

~ Normal office duties.


 

Our Company adheres to the equal employment opportunity guidelines set forth by federal, state and local laws.  The information requested on this form is sought in good faith and will not be used to discriminate against the applicant based on race, religion or creed, color, national origin, ancestry, physical disability, mental disability, medical condition, genetic characteristics, marital status, sex or gender (which includes pregnancy, childbirth, or related circumstances), gender identity, gender expression, age, citizenship, sexual orientation, family care or medical leave status, military and veteran status, political affiliation, or any other characteristic protected by federal, state and local laws.