Hyundai AutoEver America · 1 month ago
10393 - Security Strategy and Risk Management HOD
Hyundai AutoEver America (HAEA) is a leading IT services provider for the Hyundai Motor Corporation. They are seeking a Security Strategy and Risk Management Head of Department to oversee governance, risk management, compliance, and strategic planning within the Information Security program.
Automotive
Responsibilities
Lead enterprise-wide risk assessment, risk issue management, and risk exception management to ensure ongoing visibility and treatment of information security and operational risks
Maintain and enhance risk management frameworks aligned with industry best practices (NIST, ISO, etc.)
Deliver insightful, data-driven risk reporting to senior leadership, governance bodies, business units, and fellow heads of department
Oversee the Information Security compliance and control assurance program, ensuring alignment with regulatory requirements and industry frameworks (ISO 27001, SOC 2, NIST, PCI DSS, etc.)
Lead coordination of internal and external audits, assessments, and certification processes
Partner with Legal, Privacy, and other control functions to ensure controls are implemented consistently and effectively
Lead the Third-Party Risk Management (TPRM) program, utilizing a risk-based due diligence, ongoing monitoring, and remediation process
Collaborate with Procurement, Legal, and business stakeholders to ensure integration of vendor risk management into the enterprise risk framework
Oversee creation, governance, maintenance, and communication of Information Security policies, standards, and procedures
Manage policy exceptions, ensuring risk-aware and consistent decision-making aligned with regulatory and corporate expectations
Direct the Information Security Training and Awareness program, promoting a strong security culture throughout the organization
Develop metrics and campaigns to measure awareness effectiveness and employee engagement
Partner with the CISO to define and maintain the Information Security strategic roadmap, ensuring alignment with business goals, customer expectations, and risk priorities
Drive annual and multi-year planning, capability development, and maturity improvement initiatives
Translate strategy into clear programs, timelines, milestones, and measurable outcomes
Lead budget planning, forecasting, tracking, and optimization for the full Information Security organization
Ensure financial transparency and cost-efficiency across tools, services, staffing, and initiatives
Oversee resource and capacity planning across global security teams, ensuring proper allocation of FTEs, contractors, and service providers
Partner with HR and Talent teams to shape hiring strategies, workforce development, and organizational design
Develop and maintain dashboards and reporting structures for Key Performance Indicators (KPIs), Key Risk Indicators (KRIs), and OKRs across the Information Security program
Ensure accurate Customer Business Unit (CBU) service delivery monitoring, SLA performance, and operational effectiveness assessments
Provide executive-level reporting that enables informed decision-making and continuous improvement
Build, lead, and mentor a team across IRM, strategy, and planning functions
Act as a trusted advisor to other senior leaders on risk posture, compliance maturity, strategic performance, and organizational priorities
Foster strong business partnerships, ensuring transparency, collaboration, and shared accountability for risk and security outcomes
Qualification
Required
15–20 years of progressive experience across Information Security, GRC/Risk Management, customer/vendor security management and/or strategic operations
Bachelor's degree in Cybersecurity, Information Technology, Risk Management, Business Administration or a related discipline
Excellent stakeholder management, communication, and leadership skills
Demonstrated experience working across multi-disciplinary teams to achieve common objectives
Proficient in English for effective communication and coordination
Preferred
Master's degree in Cybersecurity, Risk Management or Business Administration is preferred
Industry-recognized credentials such as PMP, PRINCE2, CISA, CISM, or CISSP are highly desirable
Familiarity with ISO 27001, NIST CSF, SOC 2 Type II or similar security and risk management frameworks is an advantage
Bilingual proficiency in English and Korean is preferred to support global coordination and communication
Background in cybersecurity consulting or advisory services, particularly in risk management, is a plus
Company
Hyundai AutoEver America
Hyundai AutoEver is an automobile sales internet company.
H1B Sponsorship
Hyundai AutoEver America has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Additional information is presented below for your reference. (Data Powered by US Department of Labor)
Trends of Total Sponsorships
2025 (24)
2024 (22)
2023 (12)
2022 (12)
2021 (15)
2020 (11)
Funding
Current Stage: Public Company
Total Funding: unknown
2019-03-28: IPO
Company data provided by crunchbase