Integrated Risk Management Head of Department (HOD) jobs in United States
This job has closed.

Hyundai AutoEver America · 2 months ago

Integrated Risk Management Head of Department (HOD)

Hyundai AutoEver America is a key affiliate of Hyundai Motor Corporation, providing cutting-edge IT services and support. The Integrated Risk Management Head of Department is a senior leadership role responsible for governance, risk, and compliance functions to manage information security risk across the enterprise and business units.

Automotive
H1B Sponsor Likely

Responsibilities

Oversee the enterprise-wide risk management lifecycle, including risk assessments, risk issue management, and risk exception management processes
Develop, update and maintain frameworks for identifying, assessing, mitigating, and monitoring security and operational risks
Ensure that risk posture and metrics are accurately reported to executive leadership, governance committees, business units and fellow heads of department
Lead the Information Security compliance program, ensuring alignment with regulatory and industry frameworks (e.g., ISO 27001, SOC 2, NIST, etc.)
Coordinate and manage internal and external audits, assessments, and attestations
Partner with Legal, Privacy, and other control functions to ensure consistent and effective control implementation and testing
Lead the Third-Party Risk Management (TPRM) program, utilizing a risk-based due diligence, ongoing monitoring, and remediation process
Collaborate with Procurement, Legal, and business stakeholders to ensure integration of vendor risk management into the enterprise risk framework
Oversee the maintenance and governance of information security policies, standards, and procedures
Ensure policies reflect best practices, regulatory expectations, and evolving threat landscapes
Establish governance forums for policy exceptions and periodic reviews
Ensure adoption of relevant policies and standards across business units
Direct the Information Security Training and Awareness program, promoting a strong security culture throughout the organization
Develop metrics and campaigns to measure awareness effectiveness and employee engagement
Serve as a trusted advisor to the CISO and executive management, providing insights on risk posture, compliance maturity, and control effectiveness
Build and lead a high-performing GRC team across North America
Lead the maintenance and continuous evolution of the GRC platform to meet enterprise and business unit needs
Drive continuous improvement through automation, data-driven decision-making, and integration of IRM technologies and platforms

Qualification

Information Security, Governance, Risk, Compliance, Risk Management Frameworks, Stakeholder Management, ISO 27001, NIST CSF, SOC 2, CISSP, CISM, Training, Awareness, Client-Facing Experience, Bi-lingual in English, Korean, Communication Skills, Leadership Skills

Required

15–20 years of progressive experience in Information Security and GRC
Proven track record managing global risk and compliance programs in complex, multinational organizations
Familiarity with ISO 27001, NIST CSF, SOC 2 Type II or similar security and risk management frameworks
Experience leading audits, certifications, and regulatory assessments
Strong stakeholder management and communication skills, with the ability to influence across all organizational levels and business units
Bachelor's degree in Information Security, Risk Management, or related field

Preferred

Master's degree in Cybersecurity, Risk Management or Business Administration is preferred
Industry-recognized credentials (such as CISSP, CISM, CRISC, CGEIT, ISO 27001 Lead Implementer/Auditor) preferred
Deep understanding of risk management frameworks (NIST, ISO 31000, COSO), security standards (ISO 27001, NIST CSF), and regulatory requirements (GDPR, PCI DSS, etc.) is preferred
Bilingual proficiency in English and Korean is preferred to support global coordination and communication
Background in cybersecurity consulting or advisory services, particularly in risk management, is a plus

Company

Hyundai AutoEver America

Hyundai AutoEver is an automobile sales internet company.

H1B Sponsorship

Hyundai AutoEver America has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Additional information is presented below for your reference. (Data powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Trends of Total Sponsorships
2025 (24)
2024 (22)
2023 (12)
2022 (12)
2021 (15)
2020 (11)

Funding

Current Stage
Public Company
Total Funding
unknown
2019-03-28: IPO

Leadership Team

Steve Basra
Chief Operating Officer & Chief Digital Information Officer
Company data provided by Crunchbase