10318 - Security Incident Response Manager

Company Overview 
Hyundai AutoEver America (HAEA), the dynamic IT powerhouse behind Hyundai Motor Corporation, a Fortune 500 global leader in the automotive industry. As a key affiliate, we provide cutting-edge IT services and support to top brands including Kia, Genesis, Hyundai Translead, Hyundai Mobis, Hyundai Capital, and Glovis.
HAEA offers a truly global and collaborative environment. Here, you’ll drive innovation, boost operational efficiency, and help shape the future of mobility for the Hyundai Motor Group.
At HAEA, we understand that IT is the cornerstone of today’s fast-evolving digital world. By uniting all IT resources under one roof, we deliver consistent, top-quality solutions while serving as the crucial information link between Hyundai’s Global Headquarters and North American operations.
If you’re passionate about technology and eager to make a real impact at a world-class company, Hyundai AutoEver America is the place to grow your career. Join us and be part of the transformation that’s driving the future of automotive innovation.
 
What You Will Be Doing
This role will lead enterprise-wide incident response efforts, ensuring effective coordination, analysis, and remediation of cybersecurity events. It involves managing the full incident lifecycle, maintaining compliance, and continuously improving response capabilities through planning, testing, and cross-functional collaboration.

• Incident Response Leadership: Directs and coordinates teams across the organization during security investigations and vendor-related incidents, overseeing the full lifecycle from detection to resolution.
• Security Data Analysis: Monitors and evaluate server and network activity to identify vulnerabilities and emerging threats.
• Cybersecurity Incident Management: Serves as the primary point of contact during incidents, managing communications and driving remediation efforts.
• SIRP Development & Testing: Maintains and improves the Security Incident Response Plan (SIRP), aligning with frameworks like NIST, ISO 27035, and MITRE ATT&CK; conducts tabletop exercises to validate readiness.
• Compliance & Reporting: Ensures adherence to legal and regulatory requirements, tracks KPIs, and provides updates to executives and technical teams throughout the response process. 

Basic Qualifications:

• Experience & Leadership: 10-15 years in security operations and incident response, including 2+ years in leadership role managing internal teams and MSSPs during cybersecurity events.
• Education: Bachelor’s degree in Cybersecurity, Information Technology, or a related discipline.
• Technical Expertise: Strong understanding of threat landscapes, attack vectors, malware behavior, and forensic techniques; proficient in using and interpreting data from IR tools like SIEM and EDR.
• Availability & Coordination: Capable of working flexible hours during active incidents to support global response efforts across multiple time zones.
• Language Skills: Proficient in English for effective communication and coordination.

Preferred Qualifications:

• Certifications: Industry-recognized credentials such as GCIH, GCFA, GCIA, GNFA, CISM, or CISSP are highly desirable.
• Language Skills: Bi-lingual in English and Korean language proficiency is preferred to support global coordination and communication.
• Client-Facing Experience: Background in cybersecurity consulting or advisory services, particularly in incident response, is a plus.
• Cloud Security Knowledge: Familiarity with cloud platforms like Azure, AWS, and GCP enhances effectiveness in modern security environments.

Team Culture:
The team fosters a high-performance, collaborative environment centered around proactive cybersecurity defense and rapid incident response. Members are expected to lead with accountability, communicate effectively across functions, and adapt to dynamic challenges. The culture values technical excellence, continuous improvement, and global coordination, ensuring readiness and resilience in the face of evolving threats.

• Collaborative Leadership: Team members lead cross-functional efforts during incidents, coordinating with internal stakeholders, MSSPs, and external partners to drive resolution and maintain transparency.
• Adaptability & Commitment: A strong emphasis is placed on flexibility, including working non-traditional hours and managing global response efforts across time zones.
• Continuous Improvement & Accountability: The team regularly tests and refines incident response plans, tracks performance metrics, and aligns with industry standards to ensure effectiveness and compliance.