Who We Are
Through our service brands Hyundai Motor Finance, Genesis Finance, and Kia Finance, Hyundai Capital America offers a wide range of financial products tailored to meet the needs of Hyundai, Genesis, and Kia customers and dealerships. We provide vehicle financing, leasing, subscription, and insurance solutions to over 2 million consumers and businesses. Embodying our commitment to grow, innovate, and diversify, we strive to reimagine the customer and dealer experience and launch innovative new products that broaden our market reach. We believe that success comes from within and are proud to support our team members through skill development and career advancement. Hyundai Capital America is an Equal Opportunity Employer committed to creating a diverse and inclusive culture for our workforce. We are a values-driven company dedicated to supporting both internal and external communities through volunteering, philanthropy, and the empowerment of our Employee Resource Groups. Together, we strive to be the leader in financing freedom of movement.
We Take Care of Our People
Along with competitive pay, as an employee of HCA, you are eligible for the following benefits:
- Medical, Dental and Vision plans that include no-cost and low-cost plan options
- Immediate 401(k) matching and vesting
- Vehicle purchase and lease discounts plus monthly vehicle allowances
- Paid Volunteer Time Off with company donation to a charity of your choice
- Tuition reimbursement
What To Expect
The Sr. Manager, Identity and Access Management (IAM) Platform will lead the design, implementation, and management of the organization’s IAM platform, ensuring secure, scalable, and compliant access to financial systems, customer data, and employee accounts. Reporting to the Director of Cybersecurity Engineering & Operations, this role will manage a team of IAM engineers and analysts, oversee platform operations, and collaborate with cross-functional teams to align IAM strategies with business objectives and financial regulations (e.g., PCI DSS, GDPR, SOX, FFIEC).
What You Will Do
- IAM Platform Strategy and Leadership:
- Platform Ownership: Lead the end-to-end management of the IAM platform (e.g., SailPoint, CyberArk, Ping Identity, etc.), including architecture, configuration, and integration with financial systems, cloud services, and third-party applications.
- Strategic Roadmap: Develop and execute a multi-year IAM strategy aligned with organizational goals, zero-trust principles, and financial industry trends.
- Cross-Functional Collaboration: Partner with IT Infrastructure, IT Applications, DevOps, Legal and Data Privacy, Information Protection Governance and business units to integrate security into digital transformation initiatives.
- Executive Reporting: Present IAM strategies, risks, and performance metrics to the Director of Cybersecurity Engineering & Operations, CISO, and senior leadership, translating technical details into business impacts.
- Continuous Improvement: Conduct regular platform assessments and gap analyses to identify opportunities for optimization and innovation.
- IAM Platform Operations:
- Access Control Implementation: Oversee the deployment and maintenance of role-based access control (RBAC), multi-factor authentication (MFA), and privileged access management (PAM) solutions to secure access to banking platforms, payment systems, and sensitive data.
- Identity Governance: Manage identity lifecycle processes, including user provisioning, de-provisioning, access reviews, and certification campaigns, ensuring compliance with Korean SOX, GDPR, and PCI DSS.
- Single Sign-On (SSO): Implement and optimize SSO solutions (e.g., SAML, OAuth, OpenID Connect) to streamline secure access across on-premises, cloud, and hybrid environments.
- Monitoring and Incident Response: Establish real-time monitoring of IAM systems using SIEM integration (e.g., Splunk, etc.) and lead rapid response to access-related incidents, such as unauthorized access or privilege escalation.
- Performance Metrics: Establish and track KPIs (e.g., time to provision/de-provision, access review completion rates, incident response times) to measure IAM platform effectiveness and compliance.
- Technical Innovation and Automation:
- Automation: Drive automation of IAM processes (e.g., user onboarding, access provisioning) using scripting (e.g., Python, PowerShell) and workflow tools to improve efficiency and reduce manual errors.
- AI and Analytics: Leverage AI-driven identity analytics (e.g., user behavior analysis) to detect anomalies, such as insider threats or account compromise, and enhance proactive security.
- Cloud IAM: Design and implement IAM solutions for cloud platforms (e.g., AWS IAM, Azure AD), ensuring secure access for multi-cloud and hybrid environments.
- Integration: Ensure seamless integration of IAM platforms with financial systems (e.g., core banking, payment gateways) and third-party tools, maintaining compatibility and performance.
- Compliance and Risk Management:
- Regulatory Compliance: Ensure IAM practices meet financial regulations (e.g., PCI DSS, GDPR, Korean SOX, FFIEC, NYDFS, etc.) through policy enforcement, audit-ready reporting, and regular access reviews.
- Risk Assessments: Support risk assessments to identify and mitigate IAM vulnerabilities, such as over-privileged accounts or weak authentication mechanisms.
- Vendor Management: Evaluate and manage relationships with IAM vendors (e.g., SailPoint, CyberArk, Ping Identity, Microsoft, etc.) and Managed Security Service Providers (MSSPs) to ensure platform reliability and alignment with security goals.
- Policy Development: Partner with the Information Protection Governance team to develop and maintain IAM policies, standards, and procedures in line with industry frameworks (e.g., NIST 800-53, ISO 27001).
- Leadership and Development:
- Lead, mentor, and develop a team of IAM engineers, analysts, and architects, fostering a culture of innovation and accountability.
What You Will Bring
- Minimum 8 years of progressive experience in IAM, with at least 3 years in a technical leadership or managerial role overseeing IAM platform operations.
- 3+ years of experience in financial services, with a strong understanding of financial threats (e.g., fraud, unauthorized access) and regulations (e.g., PCI DSS, Korean SOX, GDPR).
- Hands-on experience designing and managing enterprise-grade IAM platforms (e.g., SailPoint, CyberArk, Ping Identity, Microsoft Purview, etc.).
- Proven track record of implementing RBAC, MFA, PAM, and SSO in complex, regulated environments.
- Bachelor’s degree in Computer Science, Information Security, or related field; Master’s degree preferred.
- At least one of the following: CISSP, CISM, CIAM (Certified Identity and Access Manager), or equivalent. Vendor-specific certifications (e.g., SailPoint Certified Engineer, CyberArk Certification, Microsoft Purview Certification) are a plus.
- Knowledge of security frameworks such as NIST, ISO 27001, and COBIT.
- Expertise in IAM platforms (e.g., SailPoint, CyberArk, Microsoft Purview, etc.) and protocols (SAML, OAuth, OpenID Connect, SCIM).
- Proficiency in cloud IAM (AWS IAM, Azure AD, Google Cloud Identity) and zero-trust architecture.
- Strong knowledge of SIEM integration (e.g., Splunk, etc.) and identity analytics for threat detection.
- Experience with automation and scripting (e.g., Python, PowerShell, Bash) for IAM workflows.
- Familiarity with financial systems (e.g., core banking platforms, payment gateways) and their security requirements.
- Proven ability to drive innovation in identity governance and zero-trust security.
- Proven ability to lead, mentor and develop team members.
Preferred
- Experience with AI-driven IAM analytics or user behavior analysis tools for proactive threat detection.
- Familiarity with DevSecOps and secure software development lifecycles (SDLC) in financial applications.
- Knowledge of data loss prevention (DLP) integration with IAM for comprehensive data security.
- Experience managing MSSP relationships for IAM support.
- Understanding of emerging IAM trends, such as passwordless authentication or decentralized identity.
Work Environment
Employees in this class are subject to extended periods of sitting, standing and walking, vision to monitor and moderate noise levels. Work is performed in an office environment.
The posted salary range for this job takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; geographic location, and other business and organizational needs. Successful candidates may be hired anywhere in the salary range based on these factors. It is uncommon to hire candidates at or near the top of the range.
California Privacy Notice
This notice only applies to our applicants who reside in the State of California.
The latest version of our Privacy Policy can be found here. This Privacy Policy provides you with notice, at or before the point of collection, about the categories of personal information to be collected from you, the purposes for which your personal information is collected or used, and whether that information is sold or shared, so that you can exercise meaningful control over our use of your personal information. We are providing this notice to comply with the California Consumer Privacy Act of 2018, as amended by the California Privacy Rights Act of 2020 (“CCPA”).
If you have any questions about CCPA regarding California residents or HCA team members, please contact the Privacy Team at [email protected].
Primary Location: United States-California-Irvine
Work Locations: Headquarters 1
Job: IT Application
Job Type: Regular
Overtime Status: Exempt
Schedule: Full-time
Minimum Salary: $140,500.00
Maximum Salary: $217,800.00
Job Posting: May 16, 2025