IT Governance and Risk Manager
Hyundai Capital America

Description

Who We Are

Through our service brands Hyundai Motor Finance, Genesis Finance, and Kia Finance, Hyundai Capital America offers a wide range of financial products tailored to meet the needs of Hyundai, Genesis, and Kia customers and dealerships. We provide vehicle financing, leasing, subscription, and insurance solutions to over 3 million consumers and businesses. Embodying our commitment to grow, innovate, and diversify, we strive to reimagine the customer and dealer experience and launch innovative new products that broaden our market reach. We believe that success comes from within and are proud to support our team members through skill development and career advancement. Hyundai Capital America is an Equal Opportunity Employer committed to creating a diverse and inclusive culture for our workforce. We are a values-driven company dedicated to supporting both internal and external communities through volunteering, philanthropy, and the empowerment of our Employee Resource Groups. Together, we strive to be the leader in financing freedom of movement.

We Take Care of Our People

Along with competitive pay, as an employee of HCA, you are eligible for:

• Medical, dental, and vision plans with no-cost and low-cost options

• Annual employer HSA contribution

• 401(k) matching and immediate vesting

• Vehicle purchase and lease discounts, plus monthly vehicle allowances by job level:

o Associate / Sr. Associate: $350

o Manager / Sr. Manager: $600

o Director: $800

o Executive Director: $900

o VP or Above: $1,000

• 100% employer-paid life and disability insurance

• No-cost health and wellbeing programs, including a gym benefit

• Six weeks of paid parental leave

• Paid Volunteer Time Off, plus a company donation to a charity of your choice

What to Expect

The IT Governance & Risk Manager supports the organization's technology governance and risk objectives by ensuring IT controls, policies, and processes are effectively designed, implemented, and operating as intended. This role strengthens audit readiness and risk oversight across enterprise technology environments by partnering with IT teams, Cybersecurity GRC, and VMO GRC. This role provides hands ‑ on support for pre ‑ audit control testing, IT risk assessments, policy implementation, and mitigation tracking, while promoting consistent, well ‑ documented, and repeatable governance practices.

What You Will Do

1. Develop, implement and maintain IT governance frameworks, policies, and standards.

2. Perform pre ‑ audit testing of IT control design and operating effectiveness

3. Support IT risk assessments and track risk mitigation activities.

4. Advise control owners to improve control design and execution and documentation quality.

5. Review SOC reports and assess CUECs, including mapping to internal controls annually, as needed.

Qualifications

What You Will Bring

• Minimum 5-7 years of internal and/or external IT audit or risk experience supporting IT risk assessments, including identifying control gaps, documenting mitigations, and tracking remediation progress.

• Preferred: Big Four experience

• Bachelor's degree in Information Management, Information Security, or a related field, or an equivalent combination of education, training, and relevant work experience

• Professional certification in audit or risk management, such as Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC), Certified Internal Auditor (CIA), or similar is preferred.

• Strong understanding of IT control frameworks, audit methodologies, and enterprise risk concepts

• Hands ‑ on experience performing IT General Controls (ITGC) reviews, including design and operating effectiveness testing.

• Working knowledge of SOC reports and Complementary User Entity Controls (CUECs), including review and coordination with control owners.

• Strong written and verbal communication skills, with the ability to clearly convey risk, control, and audit concepts to technical and non ‑ technical stakeholders

• Exceptional attention to detail and quality.

• Ability to work autonomously and in a team environment.

• Excellent interpersonal skills to successfully collaborate with cross functional departments.

• Strong orientation toward results coupled with reputation for integrity, creativity and good judgment

• Must have the ability to challenge, when appropriate, existing practices.

Work Environment

Employees in this class are subject to extended periods of sitting, standing, and walking, vision to monitor and moderate noise levels. Work is performed in an at home and office environment.

The posted salary range for this job takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; geographic location, and other business and organizational needs. Successful candidates may be hired anywhere in the salary range based on these factors. It is uncommon to hire candidates at or near the top of the range.

California Privacy Notice

This notice only applies to our applicants who reside in the State of California.

The latest version of our Privacy Policy can be found here . This Privacy Policy provides you with notice, at or before the point of collection, about the categories of personal information to be collected from you, the purposes for which your personal information is collected or used, and whether that information is sold or shared, so that you can exercise meaningful control over our use of your personal information. We are providing this notice to comply with the California Consumer Privacy Act of 2018, as amended as amended by the California Privacy Rights Act of 2020 ("CCPA").

If you have any questions about CCPA regarding California residents or HCA team members, please contact the Privacy Team at Privacy2@hcs.com .