Sr Cybersecurity Architect

Who We Are

Through our service brands Hyundai Motor Finance, Genesis Finance, and Kia Finance, Hyundai Capital America offers a wide range of financial products tailored to meet the needs of Hyundai, Genesis, and Kia customers and dealerships. We provide vehicle financing, leasing, subscription, and insurance solutions to over 2 million consumers and businesses. Embodying our commitment to grow, innovate, and diversify, we strive to reimagine the customer and dealer experience and launch innovative new products that broaden our market reach. We believe that success comes from within and are proud to support our team members through skill development and career advancement. Hyundai Capital America is an Equal Opportunity Employer committed to creating a diverse and inclusive culture for our workforce. We are a values-driven company dedicated to supporting both internal and external communities through volunteering, philanthropy, and the empowerment of our Employee Resource Groups. Together, we strive to be the leader in financing freedom of movement.

We Take Care of Our People

Along with competitive pay, as an employee of HCA, you are eligible for the following benefits:

Medical, Dental and Vision plans that include no-cost and low-cost plan options

Immediate 401(k) matching and vesting

Vehicle purchase and lease discounts plus monthly vehicle allowances

Paid Volunteer Time Off with company donation to a charity of your choice

Tuition reimbursement

What to Expect

The Sr. Cybersecurity Architect will be responsible for designing, implementing, and maintaining comprehensive cybersecurity architecture to protect the organization's financial systems, customer data, and infrastructure. Reporting to the Sr. Manager, Security Engineering & Architect, this role will focus on creating secure-by-design solutions for networks, cloud environments, endpoints, and applications, with an emphasis on Identity and Access Management (IAM), Data Loss Prevention (DLP), and compliance with financial regulations (e.g., PCI DSS, GDPR, Korean SOX, FFIEC).

What You Will Do

1. Cybersecurity Architecture Design:

Secure Architecture Development: Design and implement scalable, resilient cybersecurity architecture for on-premises, cloud (e.g., AWS, Azure, Google Cloud and Oracle Cloud), and hybrid environments, ensuring alignment with zero-trust principles and financial security requirements. Support the long-term HCA Cybersecurity Technology Roadmap Strategy.

Network Security: Architect secure network configurations, including firewalls (e.g., Palo Alto), intrusion detection/prevention systems (IDS/IPS), and secure gateways, to protect financial transactions and data flows.

Cloud Security: Develop cloud-native security architectures, leveraging tools like AWS IAM, Azure Security Center, and native encryption to secure multi-cloud and hybrid environments.

Endpoint and Application Security: Design endpoint protection (e.g., CrowdStrike, Netskope, etc.) and secure application architectures, integrating with DevSecOps pipelines for financial applications.

2. Integration with IAM and DLP:

IAM Architecture: Collaborate with the IAM team to design and integrate identity and access management solutions (e.g., SailPoint, CyberArk), implementing role-based access control (RBAC), multi-factor authentication (MFA), and privileged access management (PAM).

DLP Integration: Work with the DLP team to incorporate data loss prevention controls (e.g., Symantec DLP, Microsoft Purview) into architectural designs, ensuring protection of sensitive financial data (e.g., PII, payment card data) across endpoints, networks, and cloud.

Zero-Trust Framework: Architect IAM and DLP solutions within a zero-trust model, enforcing least privilege and continuous verification for all users, devices, and applications.

3. Threat Modeling and Risk Management:

Threat Modeling: Conduct threat modeling and risk assessments to identify vulnerabilities in financial systems, applications, and third-party integrations, proposing mitigations to reduce risk.

Security Controls: Collaborate with Information Protection Governance team to define and implement security controls based on industry standards (e.g., NIST 800-53, CIS Benchmarks, ISO 27001) to address financial threats like ransomware, phishing, and insider fraud.

Penetration Testing Support: Collaborate with penetration testing teams to validate architectural designs and remediate identified weaknesses.

4. Compliance and Regulatory Alignment:

Regulatory Compliance: Ensure cybersecurity architecture meets financial regulations (e.g., PCI DSS, GDPR, Korean SOX, FFIEC, NYDFS) through secure design, documentation, and audit-ready configurations.

Policy Development: Contribute to the development of cybersecurity policies and standards, ensuring architectural designs align with regulatory and organizational requirements.

Vendor Evaluation: Assess third-party vendors and Managed Security Service Providers (MSSPs) for compatibility with architectural designs and compliance needs.

5. Collaboration and Innovation:

Cross-Functional Collaboration: Partner with IT Infrastructure and IT Application teams, DevOps, IAM, DLP, Security Operations, Information Protection Governance and business units to integrate security into digital transformation initiatives, such as cloud migrations, fintech innovations, and core banking systems.

Technology Evaluation: Research and evaluate emerging cybersecurity technologies (e.g., AI-driven threat detection, passwordless authentication) to enhance architectural resilience and efficiency.

Automation and Orchestration: Design automated security workflows using tools like SOAR platforms (e.g., Splunk SOAR, Palo Alto Cortex) to improve incident response and operational efficiency.

Knowledge Sharing: Mentor junior architects and engineers, sharing best practices and fostering a culture of security awareness across the organization.

6. Documentation and Reporting:

Architecture Documentation: Create and maintain detailed architectural diagrams, design documents, and runbooks to support implementation, audits, and incident response.

Executive Communication: Present architectural designs, risk assessments, and recommendations to the Director of Cybersecurity, CISO, and senior leadership, articulating business impacts.

Metrics and Validation: Develop metrics to validate architectural effectiveness (e.g., threat detection coverage, compliance adherence) and drive continuous improvement.