Director

Job Description - Director, IT Governance, Risk & Control Functions (Q)

Job Description

Description

Who We Are: Through our service brands Hyundai Motor Finance, Genesis Finance , and Kia Motors Finance, we provide financial products tailored to meet the needs of Hyundai, Genesis, and Kia dealerships nationwide, including dealer inventory and facility financing. And, through these dealerships, we provide indirect vehicle financing and leasing solutions to over 1.7 million retail customers.

Employee Value Prop and Culture: Our employees contribute every day to a culture that is fast-paced, dynamic, energized, agile, and collaborative.

From our various engagement programs to the unique design of our offices, we strive to foster a connected, fun, positive and rewarding company culture where employees feel appreciated for their contributions, proud of their company, and thrive to be passionately invested in HCA's success.

Global One Company:

Many countries. One identity. Hyundai Capital has offices across the world, including China, Canada, the United Kingdom, Germany, Russia, Brazil and Korea. Our work environments are designed with specific themes in mind to achieve a consistent global identity that reflects our values: light, collaboration, elements of nature and symmetry.

General Summary:

The Director, IT Governance, Risk, and Control Functions (GRC) is a key leadership role within the Digital Division of HCA. The role is responsible for ensuring effective governance, managing risks, and maintaining control frameworks to support the organization's objectives. The IT GRC Director will oversee compliance with regulatory requirements, including KSOX, and play a crucial role in internal audit follow-up and system access control.

Duties and Responsibilities:

IT Governance.

Develop, implement, and maintain IT governance frameworks and practices aligned with industry standards and regulatory requirements.

Establish and enforce IT policies, procedures, and controls to mitigate risks and ensure compliance with internal policies and external regulations.

Ensure compliance with industry regulations, particularly Sarbanes-Oxley (SOX, Korean SOX - KSOX)

Lead IT risk assessments and implement mitigation strategies to minimize risks to the organization.

Ensure compliance with relevant laws, regulations, and standards, such as GDPR, SOX, PCI-DSS, etc.

Coordinate and facilitate internal and external audits, ensuring timely resolution of findings and recommendations

Oversee the development, implementation, and enforcement of IT management policies and procedures.

Collaborate with key stakeholders to establish IT priorities, goals, and objectives in support of business strategies.

Monitor and evaluate IT performance metrics to identify areas for improvement and optimization.

Develop and maintain IT disaster recovery and business continuity plans

Knowledge Management

Establish knowledge management processes to capture, organize, and share IT-related information and best practices.

Promote a culture of continuous learning and knowledge sharing among IT staff members.

Implement tools and technologies to facilitate knowledge sharing and collaboration across the organization.

Define and maintain frameworks (Application, Infrastructure, Data etc ) offered to internal stakeholders.

Work closely with service owners to ensure accurate documentation and alignment of services with business requirements.

Access Control Management:

Develop and enforce access control policies and procedures to safeguard sensitive data and systems from unauthorized access. ( Collaborate with information Projection Department)

Implement technologies to streamline user provisioning, authentication, and authorization processes working with information Projection Department

Quality Management:

Establish quality management processes and standards to ensure the reliability, availability, and security of IT systems and services.

Conduct regular quality assessments, and reviews to identify areas for improvement and drive corrective actions

Perform all other duties as assigned.

Knowledge and Skills:

In-depth knowledge of SOX regulations and experience with SOX compliance

Strong understanding of internal audit processes and follow-up activities

Excellent communication and interpersonal skills, with the ability to collaborate across departments.

Analytical mindset and attention to detail.

Qualifications

10+ years of experience in IT governance, risk management, and control functions.

3+ years of managerial experience.

Bachelor's degree in information technology, Computer Science, Business Administration, or a related field. Advanced degree or professional certifications (e.g., CISA, CISSP, CRISC, ITIL) preferred.

Extensive knowledge of IT management frameworks (e.g., COBIT, ISO/IEC 27001, NIST) and best practices for service management and quality assurance

Physical Requirements and Working Condition:

Employees in this class are subject to extended periods of sitting, standing and walking, vision to monitor and moderate noise levels. Work is performed in an office environment.

This notice only applies to our applicants who reside in the State of California.

The latest version of our Privacy Policy can be found here . This Privacy Policy provides you with notice, at or before the point of collection, about the categories of personal information to be collected from you, the purposes for which your personal information is collected or used, and whether that information is sold or shared, so that you can exercise meaningful control over our use of your personal information.We are providing this notice to comply with the California Consumer Privacy Act of 2018, as amended as amended by the California Privacy Rights Act of 2020 ("CCPA").

If you have any questions about CCPA regarding California residents or HCA team members, please contact the Privacy Team at .

Primary Location : United States-California-Newport Beach

Work Locations : Headquarters 2 4000 MacArthur Blvd. Ste 1000 West Tower Newport Beach 92660