Job Specifications
Location: Fountain Valley, CA (5-days onsite)
Company Overview
Hyundai AutoEver America (HAEA) is the dynamic IT powerhouse behind Hyundai Motor Corporation, a Fortune 500 global leader in the automotive industry. As a key affiliate, we provide cutting-edge IT services and support to top brands including Kia, Genesis, Hyundai Translead, Hyundai Mobis, Hyundai Capital, and Glovis.
HAEA offers a truly global and collaborative environment. Here, you’ll drive innovation, boost operational efficiency, and help shape the future of mobility for the Hyundai Motor Group.
At HAEA, we understand that IT is the cornerstone of today’s fast-evolving digital world. By uniting all IT resources under one roof, we deliver consistent, top-quality solutions while serving as the crucial information link between Hyundai’s Global Headquarters and North American operations.
If you’re passionate about technology and eager to make a real impact at a world-class company, Hyundai AutoEver America is the place to grow your career. Join us and be part of the transformation that’s driving the future of automotive innovation.
Website: http://www.haeaus.com
Role Overview
The Security Engineer II is an individual contributor who will participate and manage in all aspects of information and network security including intrusion detection, incident response, vulnerability management, application security, and compliance with the corporate information security policy. This person will primarily be responsible for designing, implementing, administrating, operating, and improving security technologies including but not limited to Network Access Control, Endpoint Protection, Two-Factor Authentication, Security Information and Event Management (SIEM), and vulnerability management tools, along with their procedures and processes.
Key Responsibilities:
Security Engineering
Design, build, test, and deploy new security technologies, which include the development of the operational manual and run books.
Provides technical security operations engineering services to support and update existing security systems and works to automate processes related to security implementations, monitoring, and enforcement.
Investigates, recommends, evaluates, deploys, and integrates operational security tools (e.g., SIEM, vulnerability scanning) and techniques to enhance protection of corporate assets and infrastructure.
Participate in technical risk assessments and security exposure analyses of systems, networks, and business applications.
Analyzes network security elements and overall network security architectural designs to ensure secure and optimal system and network performance and cost-effectiveness.
Participate in or lead the Incident Response activities.
Interacts with internal and external clients on security operations requirements, identifies security processes, and develops strategies/solutions to security issues.
Security Operations / Administration
Monitor and manage our networks and infrastructure environment for attacks, malicious software, and possible intrusions, which includes the follow-up of complete remediation of infected systems.
Administer and tune SIEM platforms to improve threat detection and response.
Conduct vulnerability assessments and manage remediation to mitigate risks.
Required to be on-call (after hours) per the established rotational schedule.
Implement changes to our security technologies/infrastructure in accordance with standard and change control policies/procedures.
Evaluate, implement, tune, and operate Security Solutions such as IPS, vulnerability scanning tools, and SIEM systems.
Basic Qualifications
Bachelor’s Degree in Computer Science, Information Systems, or related field, or equivalent experience.
Minimum 3 years of IT relevant experience or equivalent combination of experience plus at least 1 year of experience performing Security Engineering/Planning/Operations, preferably with SIEM or vulnerability management.
Experience in medium to complex computing environments, with advanced knowledge in security technologies and services.
Hands-on experience with at least two or more of the following Enterprise Security Technologies:
Network Intrusion Prevention/Detection
Virtual Private Networks; SSL, IPSec, and Site-to-Site
Enterprise-Class Stateful Inspection Firewalls
Network Access Controls in context to Identity Management
Windows Server OS & Desktop OS
Network Packet Inspection
Directory Services including LDAP, AD, and Secure Authentication Technologies
SIEM platforms (e.g., Splunk, ArcSight)
Vulnerability management tools (e.g., Nessus, Qualys).
Experience in implementing Information Security technologies and/or processes required.
Experience in defining Information Security strategies and frameworks.
Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties, or responsibilities that are required of the employee for this job. Duties, responsibilitie