Talent.com
Security Operations and Incident Response Manager
Hyundai Capital America • Plano, Texas, USA
30+ days ago
Job type
  • Full-time
Job description

Description

Who We Are

Through our service brands Hyundai Motor Finance, Genesis Finance, and Kia Finance, Hyundai Capital America offers a wide range of financial products tailored to meet the needs of Hyundai, Genesis, and Kia customers and dealerships. We provide vehicle financing, leasing, subscription, and insurance solutions to over 2 million consumers and businesses. Embodying our commitment to grow, innovate, and diversify, we strive to reimagine the customer and dealer experience and launch innovative new products that broaden our market reach. We believe that success comes from within and are proud to support our team members through skill development and career advancement. Hyundai Capital America is an Equal Opportunity Employer committed to creating a diverse and inclusive culture for our workforce. We are a values-driven company dedicated to supporting both internal and external communities through volunteering, philanthropy, and the empowerment of our Employee Resource Groups. Together, we strive to be the leader in financing freedom of movement.

We Take Care of Our People

Along with competitive pay, as an employee of HCA, you are eligible for the following benefits:

  • Medical, Dental and Vision plans that include no-cost and low-cost plan options
  • Immediate 401(k) matching and vesting
  • Vehicle purchase and lease discounts plus monthly vehicle allowances
  • Paid Volunteer Time Off with company donation to a charity of your choice
  • Tuition reimbursement

What to Expect

The Security Operations & Incident Response (SOIR) Manager is responsible for the enterprise-wide incident response function within the Security Operations Center (SOC), ensuring rapid detection, containment, and remediation of cybersecurity threats. This role is pivotal in maintaining the integrity, confidentiality, and availability of Hyundai Capital America's digital assets and infrastructure. This role will oversee a 3rd-party vendor of incident responders and collaborate with threat intelligence, vulnerability management, and engineering teams to drive continuous improvement in detection and response capabilities. In addition, this role will create and maintain incident response playbooks, establish processes for proactive threat hunting, and be responsible for administration and day-to-day support of HCA EDR, SIEM, and HCA monitoring, threat detection, and remediation tools.

What You Will Do

1. Security Monitoring & Threat Detection:

  • Monitor and analyze security events in real time using SIEM platforms (e.g., Splunk, NGSIEM) to detect and respond to threats targeting financial systems, such as ransomware, phishing, or account takeover.
  • Tune and optimize SIEM correlation rules and ingestion pipelines to reduce false positives and improve detection fidelity.
  • Leverage threat intelligence platforms to analyze emerging financial-specific threats, correlate intelligence with internal data, and develop actionable insights to enhance detection and prevention strategies.

2. Incident Response & Remediation:

  • Alert Triage: Investigate and triage security alerts, correlating data from endpoints, networks, and cloud environments to identify true positives and escalate critical incidents.
  • Incident Handling: Lead and support incident response activities, including containment, eradication, and recovery, for security incidents spanning the MITRE framework.
  • Forensic Analysis: Perform forensic investigations to determine the root cause of incidents, and document findings for audits and legal purposes.
  • Playbook Development: Create and maintain incident response playbooks, ensuring rapid and consistent response processes.
  • Post-Incident Review: Conduct post-incident reviews to identify lessons learned, recommend improvements, and update security controls to prevent recurrence.
  • Coordinate with MSSP partners in a co-managed SIEM/SOC model to validate escalations and provide tuning feedback.

3. Tool Administration and Management of SOC Solutions:

  • Tool Administration: Manage and configure security tools, including SIEM, EDR, firewalls, and vulnerability scanners, to ensure optimal performance and coverage.
  • Rule Tuning: Develop and tune detection rules, signatures, and alerts to reduce false positives and improve detection accuracy in financial environments.
  • Automation: Implement automated responses (e.g., SOAR) and scripts (e.g., Python, PowerShell) to streamline tasks like alert enrichment, incident triage, or vulnerability scans.
  • Cloud Security Monitoring: Monitor and secure cloud environments (e.g., AWS, Azure, Google Cloud, Oracle Cloud) using native security tools and third-party integrations, protecting financial data and workloads.
  • Collaborate with the cybersecurity architecture & engineering team to ensure proper integration of security tools across cloud, network, and endpoint environments.
  • Partner with vulnerability management and IAM teams to ensure holistic security coverage.

4. Collaboration, Automation, and Innovation Activities:

  • Cross-Functional Collaboration: Partner with IT Infrastructure and IT Application Teams, DevOps, IAM, DLP, and Application Security teams to integrate security operations with broader cybersecurity initiatives, such as cloud migrations or fintech development.
  • Vulnerability Management: Collaborate with the Vulnerability Management team to conduct regular vulnerability scans across networks, systems, and applications to identify weaknesses, such as unpatched software or misconfigurations, and support patch management and/or an adequate remediation plan.

5. Documentation, Reporting, and Compliance Activities:

  • Incident Documentation: Document security incidents, investigations, and remediation actions in detail to support audits, compliance, and lessons learned.
  • Vulnerability and Penetration Test Reports: Produce comprehensive reports on vulnerability scans and penetration tests, including risk assessments, remediation plans, and validation results.
  • Metrics and Reporting: Develop and report on SOC metrics (e.g., Mean Time to Detect, Mean Time to Respond, vulnerability remediation rates, penetration test coverage) to demonstrate operational effectiveness.
  • Runbooks and Procedures: Maintain and update SOC runbooks, standard operating procedures (SOPs), and knowledge bases for incident response, vulnerability management, and penetration testing.

Qualifications

What You Will Bring

  • Minimum 5-7 years progressive experience in cybersecurity with proven knowledge in Security Operations Center practices and incident response processes; including 3+ years of experience in financial services, with a strong understanding of financial threats (e.g., fraud, data breaches) and regulations (e.g., PCI DSS, Korean SOX, GDPR)
  • Hands-on experience with SIEM platforms, EDR solutions, and other monitoring and vulnerability management tools (e.g., Splunk, CrowdStrike, Rapid7)
  • Strong understanding of cyber threat landscapes, attack vectors, MITRE ATT&CK framework, and adversary tactics, techniques, and procedures
  • Bachelor's degree in Computer Science, Information Security, or related field
  • Master's degree preferred
  • Certification in one of the following: CISSP, CCSP, CISM, TOGAF or equivalent
  • Demonstrated ability to manage major incident investigations, including root cause analysis, executive reporting, and coordination with legal, compliance, and law enforcement when necessary
  • Familiarity with regulatory and compliance frameworks such as HIPAA, PCI-DSS, NIST, ISO 27001, and GDPR.
  • Proven ability to develop and maintain incident response playbooks, escalation procedures, and SOC standard operating procedures (SOPs)
  • Experience with cybersecurity metrics and KPIs, and the ability to communicate risk and operational performance to executive leadership
  • Demonstrated expertise in incident response lifecycle, including detection, triage, containment, eradication, recovery, and post-incident review
  • Analytical mindset with attention to detail
  • Excellent communication and documentation skills
  • Ability to work under pressure and manage multiple incidents simultaneously
  • Passion for continuous learning and staying ahead of emerging threats
Work Environment

Employees in this class are subject to extended periods of sitting, standing, and walking, vision to monitor and moderate noise levels. Work is performed in an at-home and office environment.

The posted salary range for this job takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; geographic location, and other business and organizational needs. Successful candidates may be hired anywhere in the salary range based on these factors. It is uncommon to hire candidates at or near the top of the range.

California Privacy Notice

This notice only applies to our applicants who reside in the State of California.

The latest version of our Privacy Policy can be found here. This Privacy Policy provides you with notice, at or before the point of collection, about the categories of personal information to be collected from you, the purposes for which your personal information is collected or used, and whether that information is sold or shared, so that you can exercise meaningful control over our use of your personal information. We are providing this notice to comply with the California Consumer Privacy Act of 2018, as amended by the California Privacy Rights Act of 2020 ("CCPA").

If you have any questions about CCPA regarding California residents or HCA team members, please contact the Privacy Team at Privacy2@hcs.com.
