HISNA (Hyundai Information Service North America) is a subsidiary of Hyundai and Kia Motor companies specializing in IT services. HISNA was formed 7 years ago and is committed to providing world-class technology services to its clients (of Hyundai and Kia Motor companies) throughout North America. We are growing and We are looking for people to help us make history for years beyond.
The process owner for the development and implementation of a corporate-wide information security program and ongoing activities to preserve the availability, integrity and confidentiality of Company information resources in compliance with the organization policies and standards.
Consults and partners with other technical services groups and CBU (Client Business Unit) functional groups to enforce and verify compliance of security standards throughout the environment and advising advancements in information security technologies and related regulatory changes in legislation/standards that affect information security
Required Skills, Attributes & Educaion :
- Documents the information security policies and procedures instituted by the organization's Information Security Committee and coordinates the activities with the committees.
- Gathers and organizes technical information about the organization's mission goals and needs, existing security products, and ongoing programs in the information security arena.
- Monitor changes in federal and state regulations and accreditation standards affecting information security, and to make recommendations on the need for policy changes.
- Monitors compliance with the organization's information security policies and procedures among employees, contractors, alliances, and other third parties, and referring problems to appropriate managements of both HISNA and its clients.
- Initiating, facilitating, and promoting activities to foster information security awareness and training within the organization.
- Needs to understand how to evaluate at systems, assess risk, and assist with designing, developing, engineering, and implementing solutions for information security requirements.
- Perform information security assessments and serves as an internal auditor/consultant for security issues.
- Reviews all application and system development plans throughout the organization from the information security perspective and provide necessary recommendation or correction.
- Monitors the internal control systems to ensure that appropriate access levels are maintained.
- Involve and provide support with 3rd party audit process.
- Involve in preparing the organization's disaster recovery and business continuity plans for information systems.
- Attends conferences and training as required to maintain proficiency.
- Perform other duties as assigned by managements.
HISNA offers an outstanding comprehensive benefits package that includes health insurance, flexible spending accounts, plus much more.
Bachelor's Degree or equivalent (with major course work in computer science or a related field).
'- Mininum of five (5) years of progressive experience in auditing and information security.
- Establishment of IS strategy & policy for a multi-faceted organization supported by multi-platform environments
- Security assessment and incident-response within a dynamic IT environment
- Disaster Recovery & Business Continuity Plans
- Auditing or evaluations of complex IT controls
- Preventive, detective and corrective controls (Principles and techniques used in system compromise and denial-of-service incidents, as well as basic tools for detecting and preventing such incidents).
- Computer security issues, requirements, trends, laws and accepted industry practice.
- Hardware, software and network architectures and how security policy can best be implemented.
- Ability to work independently and manage time effectively utilizing work and project plans to meet deadlines.
- Ability to verbally communicate technology and information security related issues to various levels of the organization (end-users, IT staff, managers, vendors, contractors, etc.).
Possession of, or ability to obtain, one of the following information security certifications or equivalent is desirable:
- CISM (Certified Information Security Manager)
- CISSP (Certified Information Systems Security Professional)
- CISA (Certified Information Systems Auditor)
*** Please send your resume to firstname.lastname@example.org ***