IT Security Engineer

At Kia, we're creating award-winning products and redefining what value means in the automotive industry. It takes a special group of individuals to do what we do, and we do it together. Our culture is fast-paced, collaborative, and innovative. Our people thrive on thinking differently and challenging the status quo. We are creating something special here, a culture of learning and opportunity, where you can help Kia achieve big things and most importantly, feel passionate and connected to your work every day.

Kia provides team members with competitive benefits including premium paid medical, dental and vision coverage for you and your dependents, 401(k) plan matching of 100% up to 6% of the salary deferral, and paid time off. Kia also offers company lease and purchase programs, company-wide holiday shutdown, paid volunteer hours, and premium lifestyle amenities at our corporate campus in Irvine, California.

Status

Exempt

General Summary

Under the direction of Information Security management, the Penetration Test Engineer is responsible for protecting Kia America (KUS) including subsidiaries from cyberattacks which can result in loss of sensitive data, harm to the company brand or disruption to business operations. This position will report to the Manager, Information Security and be a key member of the Information Security team.

This critical role will coordinate the information security reviews of company IT initiatives either directly or through IT service providers. This includes conducting security risk assessments, performing penetration tests, identifying threats and vulnerabilities, and presenting recommendations to address them.

The Penetration Test Engineer will take necessary actions and preventive measures, such as analyzing security system logs, to protect company information systems, including employee, dealer and consumer facing systems, from being compromised. This role will investigate the security vulnerabilities of company information systems and provide solutions and methods to remediate them. This role is also responsible for creating, updating, and testing the company's incident response procedures for handling security events. This includes conducting regular table-top exercises to continuously improve the effectiveness of these procedures and minimize the recovery time and business impact of an actual security event. This role will work with internal and external parties to conduct forensic analysis to determine root causes and implement corrective and preventive plans.

The Penetration Test Engineer works closely with KUS business units and security service providers to develop optimal solutions for short-term and long-term enhancements of KUS's security maturity.

Essential Duties and Responsibilities

1st Priority - 70%

• Conduct penetration tests against Kia America's corporate web / business applications, servers, APIs, mobile apps, networks, cloud environments and connected cars.
• Create detailed technical reports describing discovered vulnerabilities, approach taken to identify them, method to duplicate findings, vulnerability risk level and recommendations to mitigate the risks.
• Oversee, or perform, all penetration test phases (Reconnaissance, Scanning, Vulnerability Assessment, Exploitation, Remediation and Reporting)
• Stay current on new and emerging security threats and the security tools and methods necessary to mitigate them.

2nd Priority - 30%

Qualifications / Education

Job Requirement

Overall Experience :

Other Requirements :

Specialized Skills and Knowledge Required

Competencies

Pay Range

$125,000 - $150,000

Pay will be based on several variables that are unique to each candidate, including but not limited to, job-related skills, experience, relevant education or training, etc.

Equal Employment Opportunities

KUS provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, ancestry, national origin, sex, including pregnancy and childbirth and related medical conditions, gender, gender identity, gender expression, age, legally protected physical disability or mental disability, legally protected medical condition, marital status, sexual orientation, family care or medical leave status, protected veteran or military status, genetic information or any other characteristic protected by applicable law. KUS complies with applicable law governing non-discrimination in employment in every location in which KUS has offices. The KUS EEO policy applies to all areas of employment, including recruitment, hiring, training, promotion, compensation, benefits, discipline, termination and all other privileges, terms and conditions of employment.

Disclaimer : The above information on this job description has been designed to indicate the general nature and level of work performed by employees within this classification and for this position. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities, and qualifications required of employees assigned to this job.