Sr. Cybersecurity Architect

Job Description - Sr. Cybersecurity Architect (250000BC)

Who We Are

Hyundai Capital America offers a wide range of financial products through Hyundai Motor Finance, Genesis Finance, and Kia Finance, serving over 2 million consumers and businesses with vehicle financing, leasing, subscription, and insurance solutions. We are committed to growth, innovation, and diversity, aiming to enhance customer and dealer experiences with new products. We support our team members' development and career growth. Hyundai Capital America is an Equal Opportunity Employer fostering a diverse and inclusive culture, supporting communities through volunteering, philanthropy, and Employee Resource Groups. Our goal is to lead in financing freedom of movement.

We Take Care of Our People

Our employees enjoy competitive pay and benefits, including:

• Medical, Dental, and Vision plans with no-cost and low-cost options
• Immediate 401(k) matching and vesting
• Vehicle purchase and lease discounts, plus monthly allowances
• Paid Volunteer Time Off with company donations to charities

What to Expect

The Sr. Cybersecurity Architect will design, implement, and maintain cybersecurity architecture to safeguard financial systems, customer data, and infrastructure. Reporting to the Sr. Manager, Security Engineering & Architecture, this role focuses on creating secure solutions for networks, cloud, endpoints, and applications, emphasizing IAM, DLP, and compliance with financial regulations such as PCI DSS, GDPR, Korean SOX, and FFIEC.

What You Will Do

1. Cybersecurity Architecture Design:

• Develop scalable, resilient cybersecurity architectures for on-premises, cloud (AWS, Azure, Google Cloud, Oracle Cloud), and hybrid environments, aligned with zero-trust principles and security standards. Support long-term cybersecurity strategy.
• Design secure network configurations, including firewalls, IDS/IPS, and gateways, to protect transactions and data flows.
• Create cloud-native security architectures using tools like AWS IAM, Azure Security Center, and encryption methods.
• Design endpoint and application security, integrating with DevSecOps pipelines for financial applications.

• Collaborate on IAM architecture, implementing RBAC, MFA, and PAM with tools like SailPoint and CyberArk.
• Incorporate DLP controls, working with teams using tools like Symantec DLP and Microsoft Purview.
• Architect within a zero-trust model, enforcing least privilege and continuous verification.

• Conduct threat modeling and risk assessments to identify vulnerabilities, proposing mitigations.
• Define security controls based on standards like NIST 800-53, CIS, ISO 27001 to address threats.
• Support penetration testing to validate designs and remediate weaknesses.

• Ensure architecture complies with regulations like PCI DSS, GDPR, Korean SOX, FFIEC, NYDFS.
• Contribute to cybersecurity policies and standards.
• Assess third-party vendors and MSSPs for compatibility and compliance.

• Partner with various teams to integrate security into digital initiatives like cloud migrations and fintech innovations.
• Research emerging cybersecurity technologies, such as AI threat detection and passwordless auth.
• Design automated security workflows using SOAR platforms to enhance incident response.
• Mentor junior staff and promote security awareness.

• Create and maintain architectural diagrams, design documents, and runbooks.
• Present designs and assessments to leadership, explaining business impacts.
• Develop metrics to evaluate architecture effectiveness and drive improvements.

Qualifications

What You Will Bring

• Minimum 8 years of experience in cybersecurity architecture or engineering.
• At least 3 years in financial services, with knowledge of financial threats and regulations.
• Experience designing secure network, cloud, endpoint, and application environments.
• Proven ability to integrate IAM and DLP solutions into architecture.
• Bachelor’s in Computer Science, Information Security, or related; Master’s preferred.
• Certifications such as CISSP, CCSP, CISM, TOGAF, or equivalent.
• Cloud security certifications (AWS, Azure) are a plus.

Technical Skills

• Expertise in network security, cloud security, endpoint protection, and security frameworks (NIST, ISO 27001, COBIT).
• Proficiency with SIEM, SOAR, threat intelligence platforms.
• Experience with SDLC, DevSecOps, scripting (Python, PowerShell, Terraform).
• Knowledge of financial systems and their security needs.

Soft Skills

• Strong problem-solving and communication skills.
• Ability to align security architecture with business and regulatory goals.

Preferred

• Experience with AI cybersecurity tools, zero-trust, SASE, decentralized identity.
• Knowledge of encryption, tokenization, secure APIs.
• Experience working with MSSPs and threat modeling frameworks.

Note: Employees may sit, stand, walk, monitor, and work in an office environment. Salary range varies based on skills, experience, location, and organizational needs. This notice pertains to California residents, with contact info provided for privacy inquiries.