Description
Who We Are
Through our service brands Hyundai Motor Finance, Genesis Finance, and Kia Finance, Hyundai Capital America offers a wide range of financial products tailored to meet the needs of Hyundai, Genesis, and Kia customers and dealerships. We provide vehicle financing, leasing, subscription, and insurance solutions to over 2 million consumers and businesses. Embodying our commitment to grow, innovate, and diversify, we strive to reimagine the customer and dealer experience and launch innovative new products that broaden our market reach. We believe that success comes from within and are proud to support our team members through skill development and career advancement. Hyundai Capital America is an Equal Opportunity Employer committed to creating a diverse and inclusive culture for our workforce. We are a values-driven company dedicated to supporting both internal and external communities through volunteering, philanthropy, and the empowerment of our Employee Resource Groups. Together, we strive to be the leader in financing freedom of movement.
We Take Care of Our People
Along with competitive pay, as an employee of HCA, you are eligible for the following benefits :
- Medical, Dental and Vision plans that include no-cost and low-cost plan options
- Immediate 401(k) matching and vesting
- Vehicle purchase and lease discounts plus monthly vehicle allowances
- Paid Volunteer Time Off with company donation to a charity of your choice
- Tuition reimbursement
What to Expect
The Sr. Cloud Security Architect is a strategic technical leader responsible for designing and implementing secure cloud architecture across multiple platforms and service models. This role ensures that enterprise cloud environments-including SaaS, PaaS, and IaaS-are resilient, compliant, and aligned with cybersecurity standards. The architect will work closely with the IT Infrastructure Platform team to integrate security into infrastructure services and cloud-native platforms, including securing the Microsoft 365 (M365) ecosystem. This role will champion the adoption of Zero Trust principles and industry best practices, working cross-functionally to elevate the organization's cloud security posture.
What You Will Do
1. Cloud Security Architecture & Design :
Design Secure Cloud Infrastructure Environments : design and implement secure cloud architecture across AWS, OCI, GCP and other platforms.Assess and Secure IaaS, PaaS, SaaS solutions : Identify cybersecurity risk and remediation activities to ensure our SaaS solutions such a Salesforce, M365, and other solutions are aligned with industry's best practices to ensure the security of our data stored and processed within these services.Secure AI Utilization : design and implement security controls for AI / ML workloads in cloud environments, including securing model training pipelines, protecting sensitive data, and mitigating risks associated with adversarial AI, model drift, and generative AI misuse.Develop reference architectures and security patterns that align with Zero Trust principles.Lead threat modeling and risk assessments for cloud and hybrid workloads.2. Cloud Security Engineering, Implementation and Operations Support :
Cloud Security Solution Management : manage and monitor our cloud native security solutions and monitoring tools to ensure optimal performance and visibility.Provide Support and Guidance for Security Operations : Provide technical leadership and guidance to our Security ops teams and lead incident responses related to Cloud security events.Review, monitor and Optimize : review current Cloud solution implementations, optimize cloud security utilization and improve efficiency and integration when possible. Create continuous monitoring of Cloud Security Compliance.Collaborate with infrastructure and DevOps teams to implement security controls including IAM, encryption, segmentation, and monitoring.Integrate cloud security tools (CSPM, CWPP, CIEM) into CI / CD pipelines and runtime environments.Drive automation and infrastructure-as-code (IaC) practices using tools.Define cloud security monitoring requirements and integrate with SIEM and SOAR platforms.Support incident response and forensic investigations related to cloud and hybrid environments.Conduct root cause analysis and recommend architectural improvements to prevent recurrence.3. Collaboration and Innovation :
Cross-Functional Collaboration : Partner with IT Infrastructure and IT Application teams, DevOps, IAM, DLP, Security Operations, Information Protection Governance and business units to integrate security into digital transformation initiatives, such as cloud migrations, fintech innovations, and core banking systems.Technology Evaluation : Research and evaluate emerging cybersecurity technologies (e.g., AI-driven threat detection, PasswordLess authentication) to enhance architectural resilience and efficiency.Automation and Orchestration : Design automated security workflows using tools like SOAR platforms (e.g., Splunk SOAR, Palo Alto Cortex) to improve incident response and operational efficiency.Knowledge Sharing : Mentor junior architects and engineers, sharing best practices and fostering a culture of security awareness across the organization .Act as a subject matter expert (SME) for cloud and hybrid security across the enterprise.Influence strategic decisions around cloud adoption, migration, and modernization with a security-first mindset.4. Compliance and Regulatory Alignment :
Regulatory Compliance : Ensure cloud security architecture meets financial regulations (e.g., PCI DSS, GDPR, Korean SOX, FFIEC, NYDFS) through secure design, documentation, and audit-ready configurations.Policy Development : Contribute to the development of cybersecurity policies and standards, ensuring architectural designs align with regulatory and organizational requirements.Vendor Evaluation : Assess third-party vendors and Managed Security Service Providers (MSSPs) for compatibility with architectural designs and compliance needsPromote and enforce industry best practices for cloud security architecture, operations, and governance.5. Documentation and Reporting :
Architecture Documentation : Create and maintain detailed architectural diagrams, design documents, standards and runbooks to support implementation, audits, and incident response.Executive Communication : Present architectural designs, risk assessments, and recommendations to the Director of Cybersecurity, CISO, and senior leadership, articulating business impacts.Metrics and Validation : Develop metrics to validate architectural effectiveness (e.g., threat detection coverage, compliance adherence) and drive continuous improvement.Qualifications
What You Will Bring
Minimum 8 years progressive experience in cybersecurity with proven knowledge in cloud security architecture or engineering role designing secure cloud native systems.3 years of experience in financial services, with a strong understanding of financial threats (e.g., fraud, data breaches) and regulations (e.g., PCI DSS, Korean SOX, GDPR).Hands-on experience architecting secure network, cloud, and SaaS environments in complex, regulated industries.Bachelor's degree in computer science, Information Security, or related field; Master's degree preferredAt least one of the following : CISSP, CCSP, CISM, TOGAF, or equivalent.Hands-on security testing experience in cloud platforms, especially AWS and M365.Cloud security certifications such as :o AWS Certified Security - Specialty
o Microsoft Azure Security Engineer
o Microsoft 365 Security
o Google Professional Cloud Security Engineer
o Other comparable certifications.
Technical Skills :
Technical expert with deep experience in financial services, a strategic mindset, and the ability to align cybersecurity architecture with business objectives.Expertise in network security (e.g., NGFW, IDS / IPS, VPNs) and cloud security (AWS, Azure, Google Cloud, Oracle Cloud)Proficiency in Microsoft 365 Security Tools : Microsoft Defender, Intune, Azure AD (Entra), ADFSKnowledge of security frameworks such as NIST, ISO 27001, and COBIT.Strong knowledge of Cloud Native Security solutions and monitoring technology - (AWS CloudTrail, SecurityHub, GuardDuty)Experience with secure software development lifecycles (SDLC) and DevSecOps practices.Familiarity with automation and scripting (e.g., Python, PowerShell, Terraform) for infrastructure-as-code and security orchestration.Hands-on experience with cloud security posture management (CSPM) and workload protection platforms.Proficiency in IAM frameworks (RBAC, MFA, PAM) and DLP technologies (data classification, policy enforcement).Strong knowledge of SIEM (e.g., Splunk), SOAR, and threat intelligence platforms for architectural integration.Deep experience in the design and implementation of robust security architectures for SaaS platforms, ensuring secure integration, data protection, and compliance with industry standards such as SOC 2, ISO 27001, and others.Experience designing and implementing security controls for AI / ML workloads in cloud environments.Knowledge of financial systems (e.g., core banking platforms, payment gateways) and their security requirements.Soft Skills :
Strong problem-solving skills to address complex architectural challenges.Excellent communication skills to articulate technical concepts to technical and non-technical stakeholders.Strategic thinker with the ability to align cybersecurity architectures with business and regulatory goals.Preferred
Experience with AI-driven cybersecurity tools (e.g., ReliaQuest GreyMatter, Rapid7, etc.) for threat detection and response.Familiarity with zero-trust architectures and emerging technologies, such as SASE or decentralized identity.Knowledge of data encryption, tokenization, and secure API design for financial applications.Experience working with MSSPs to integrate external security services.Understanding of threat modeling frameworks.Work Environment
Employees in this class are subject to extended periods of sitting, standing, and walking, vision to monitor and moderate noise levels. Work is performed in an at home and office environment.
The posted salary range for this job takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; geographic location, and other business and organizational needs. Successful candidates may be hired anywhere in the salary range based on these factors. It is uncommon to hire candidates at or near the top of the range.
California Privacy Notice
This notice only applies to our applicants who reside in the State of California.
The latest version of our Privacy Policy can be found here . This Privacy Policy provides you with notice, at or before the point of collection, about the categories of personal information to be collected from you, the purposes for which your personal information is collected or used, and whether that information is sold or shared, so that you can exercise meaningful control over our use of your personal information. We are providing this notice to comply with the California Consumer Privacy Act of 2018, as amended as amended by the California Privacy Rights Act of 2020 ("CCPA").
If you have any questions about CCPA regarding California residents or HCA team members, please contact the Privacy Team at Privacy2@hcs.com .
