NewportBeachRecruiter Since 2001
the smart solution for Newport Beach jobs

Associate, IT Governance, Risk, and Control

Company: Hyundai America
Location: Newport Beach
Posted on: March 17, 2023

Job Description:


Who We Are: Through our service brands Hyundai Motor Finance, Genesis Finance*, and Kia Motors Finance, we provide financial products tailored to meet the needs of Hyundai, Genesis, and Kia dealerships nationwide, including dealer inventory and facility financing. And, through these dealerships, we provide indirect vehicle financing and leasing solutions to over 1.7 million retail customers.

Employee Value Prop and Culture: Our employees contribute every day to a culture that is fast-paced, dynamic, energized, agile, and collaborative.

From our various engagement programs to the unique design of our offices, we strive to foster a connected, fun, positive and rewarding company culture where employees feel appreciated for their contributions, proud of their company, and thrive to be passionately invested in HCA's success.

Global One Company:

Many countries. One identity. Hyundai Capital has offices across the world, including China, Canada, the United Kingdom, Germany, Russia, Brazil and Korea. Our work environments are designed with specific themes in mind to achieve a consistent global identity that reflects our values: light, collaboration, elements of nature and symmetry.

General Summary:

The IT Governance, Risk, and Control Associate will report to the IT Governance, Risk, and Compliance (GRC) Manager. As the IT Governance Associate, you are responsible for:

  • Supporting and maintaining IT Governance program including Application, Infrastructure, IT Documentation Life Cycle management, IT Risk management, business continuity plans, and disaster recovery plans.
  • Reviewing, writing, and maintaining IT policies, operating procedures, standards, manuals, and other evidentiary documents to assure effectiveness and compliance across processes and process owners.
  • Understanding FFIEC, FDIC, KSOX, and other financial industry regulatory policies to ensure that IT policies and procedures do not violate any existing laws.

Duties and Responsibilities:

  • Support SOX activities related to IT General Controls (ITGCs) across all segments with emphasis on Information Security, Change Management, and Computer Operations:
    • Conduct, support, and track testing activities.
    • Partner with stakeholders on KSOX related efforts, such as documentation of in-scope applications, systems, and databases, identification of key controls, development of test plans, and remediation of control deficiencies.
  • Support regulatory and audit related activities, including:
    • Tracking, monitoring, and reporting on gaps / deficiencies and remediation plans. Follow up with owners on resolution.
    • Perform compliance test, and support moderation of regulatory compliance program and initiatives e.g., IT Governance, FFIEC, FDIC, KSOX.
    • Identify and prepare documentation to create clarity around requests and enhance standardized and consistent responses.
    • Prepare materials for meetings, presentations, and status reports.
  • In relation to regulations identified with potential impact to HCA IT applications, infrastructure, and processes:
    • Conduct research on regulations.
    • Determine impacts to HCA and IT processes and components.
    • Identify and document requirements, stakeholders, and affected processes.
    • Facilitate sessions with stakeholders to define how to implement requirements, modify processes, monitor, and measure adherence to the regulations, and identify gaps.
    • Prepare implementation and rollout plans. Manage to the plan.
    • Formalize and create sustainable implementation through documentation including policies, procedures, and guides, and training.
    • Create awareness through communications.
    • Establish measurement and monitoring of implementation effectiveness, including dashboards and reporting.
    • Establish procedures for control testing and periodic review.
  • Work with key IT and Information Security stakeholders to develop IT policies, procedures, standards, guidelines, and compliance regulations to meet IT Governance requirements.
  • Manage and maintain IT Governance documentation controls.
  • Ensure IT policies, standards, procedures, and guidelines are updated to reflect changes in the business and IT environment. Ensure they are consistent across subject areas and aligned with company policies.
  • Oversee training and dissemination of policies and practices.
  • Identify and address continual improvement opportunities within the IT Governance program.
  • Manage and maintain business continuity plans and disaster recovery plans.
  • Establish framework to incorporate Information Security standards and guidelines to IT components and processes. Implement these into IT.
  • Support IT Risk Management, including:
    • Contributing to establishing a framework for the Risk Management program.
    • Performing risk assessments.
    • Monitoring risks: following up with stakeholders to have risks addressed.
  • Perform all other duties as assigned.

Knowledge and Skills:

  • Knowledge and/or certifications in GRC tooling (SAP GRC, ServiceNow GRC)
  • Strong understanding of IT applications, infrastructure, security, and processes
  • Strong technical writing/editing experience is a MUST, preferably within policy writing and process documentation
  • Strong project management, organizational, and analytical skills.
  • Advanced user of Microsoft 365 Office suite (Word, Excel, SharePoint, Teams, etc.)
  • Ability to establish and maintain strong relationships


  • 5 years working in various IT functions, preferably in the financial services industry
  • 3-4 years of IT Governance/documentation/compliance related experience
  • Bachelor's Degree, Business, or related field

Physical Requirements and Working Condition:

Employees in this class are subject to extended periods of sitting, standing, and walking, vision to monitor and moderate noise levels. Work is performed in an office environment.

California Privacy Notice

This notice only applies to our applicants who reside in the State of California.

The latest version of our Privacy Policy can be found here. This Privacy Policy provides you with notice, at or before the point of collection, about the categories of personal information to be collected from you, the purposes for which your personal information is collected or used, and whether that information is sold or shared, so that you can exercise meaningful control over our use of your personal information. We are providing this notice to comply with the California Consumer Privacy Act of 2018, as amended by the California Privacy Rights Act of 2020 ("CCPA").

If you have any questions about CCPA regarding California residents or HCA team members, please contact the Privacy Team at
