Specialist - Cybersecurity (IT)

COP Apply URL

Position Summary:

Responsibilities include detecting insecure features and malicious activities within HMMA’s networks and infrastructure. Responsible for implementing customized security assessments for client-based asset risk, corporate policy compliance, as well as conduct vulnerability and compliance assessments. Participate in information security initiatives for multiple IT functional area across the enterprise related to risk management, mitigation and response, compliance, control assurance, and user awareness. Implement security strategies, policies/standards, ensuring the effectiveness of solutions, and act as the organization’s technical resource for cybersecurity. Work on multiple complex projects as a Team Member. Advanced understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, OSI model, defense-in-depth, and common security elements are needed.

Essential Functions:

• Participate in security planning and analyst activities. Work in combination with IT Delivery Lead/Manager to ensure security is engaged in projects.
• Maintain an up-to-date understanding of industry best practices. Develop, refine, and implement enterprise-wide security policies, procedures, and standards to meet compliance responsibilities. Monitor the legal and regulatory environment for development. Monitor compliance with and recommend required changes to IT policies standards, guidelines, and procedures. Ensure security compliance with legal and regulatory standards.
• Develop processes and procedures for the information security governance program, including control document reviews, participant assessment preparation, meeting coordination, assessment finding mediation, assisting control owner with remediation plan development, tracking findings through remediation, progress monitoring, reporting, and escalation. 
• Engage directly with the business to gather a full understanding of project scope and business requirements. Provide security-related guidance on business processes. Work closely with IT and development teams to design secure infrastructure solutions and applications, facilitating the implementation of protective and mitigating controls. 
• Work directly with the customers, third parties, and other internal departments and organizations to facilitate information security risk analysis and risk management processes and to identify acceptable levels of residual risk.
• Respond to security incidents and investigations of suspect areas. Consult on teams to resolve issues that are uncovered by various internal and third party monitoring tools. Identify and resolve root causes of security-related problems.
• Develop and deliver security awareness and compliance training programs. Conduct knowledge transfer training sessions to security operations team upon technology implementation.
• Track and manage HMMA Team Member USB and VPN access and audit the operational implementation by Hyundai AutoEver America.
• Respond to cybersecurity incidents, and acts as escalation point for high-priority or highly complex incidents.
• Remains current on best practices, threat intelligence, and technology advances in the areas of cybersecurity.
• Evaluate and test security related technologies. Troubleshoot and recommend improvements to security and data related problems.
• Define performance criteria and documents configurations and system specifications.
• Provide regular and special reporting, including reports of risks, control deficiencies, remediation strategies, and performance metrics.
• Monitor and operate intrusion systems, SIEM, and other tools to detect, research, analyze, respond to, and provide mitigation plans to information security related vulnerabilities, threats, and incidents. 
• Administer, coordinate, and comply with all Business Management System (BMS), Environmental Management System (EMS), and Safety Management System (SMS) requirements.
• Meet all other requirements as assigned. 

Position Requirements:

Education:

• Bachelor’s Degree in Information Technology or equivalent preferred

Related Experience:

• 0 – 10 years job related experience preferred 

Training / Certification:

• Security certifications (Security +, CISSP) preferred

Skills / Knowledge:

• Ability to think logically and to analyze issues and implement appropriate solutions
• Ability to follow written and verbal instructions
• Ability to plan, organize, coordinate work assignments 
• Ability to complete projects on time
• Ability to work well in a team environment 

Additional Information:

Position may require occasional travel (domestic or foreign). Flexibility in working hours to include weekends, holidays, and off shift. Position may require on-call duty or overtime due to overall responsibility.