Risk Ops Analyst III

Job Description Job Description Risk Ops Analyst Location – Irvine, CA Company Overview Hyundai AutoEver America (HAEA) , the dynamic IT powerhouse behind Hyundai Motor Corporation, a Fortune 500 global leader in the automotive industry. As a key affiliate, we provide cutting-edge IT services and support to top brands including Kia, Genesis, Hyundai Translead, Hyundai Mobis, Hyundai Capital, and Glovis. HAEA offers a truly global and collaborative environment. Here, you’ll drive innovation, boost operational efficiency, and help shape the future of mobility for the Hyundai Motor Group. At HAEA, we understand that IT is the cornerstone of today’s fast-evolving digital world. By uniting all IT resources under one roof, we deliver consistent, top-quality solutions while serving as the crucial information link between Hyundai’s Global Headquarters and North American operations. If you’re passionate about technology and eager to make a real impact at a world-class company, Hyundai AutoEver America is the place to grow your career. Join us and be part of the transformation that’s driving the future of automotive innovation. What You Will Be Doing The Risk Operations Senior Analyst plays a critical role within the Integrated Risk Management team, supporting the CISO organization by operating and continuously improving core technology risk processes. This role is responsible for maintaining the technology control library, policies, and standards, and for executing risk operations including Technology Risk Assessments, Risk Issue Management, and Risk Exception Management. The role also owns risk data integrity and reporting, producing dashboards and insights that track remediation progress, risk posture, and control effectiveness across the organization. This position requires a blend of risk expertise, operational rigor, stakeholder management, and strong analytical and reporting skills. The key responsibilities of this role are as described below: Technology Control Framework & Documentation Maintain and evolve the enterprisetechnology control library, ensuring alignment with internal policies, standards, and external frameworks (e.g., NIST CSF 2.0, ISO 27001, CIS). Own the lifecycle management oftechnology risk policies and standards, including updates, reviews, approvals, and communications. Ensure controls, policies, and standards are clearly mapped to regulatory, legal, and business requirements. Risk Operations Execution Run and continuously improve coreRisk Operations processes, including: Technology Risk Assessments(consistently assessing the inherent risk, control effectiveness within the environment ) Risk Issue Management(identification, validation, remediation tracking, closure) Risk Exception Management(intake, assessment, approvals, renewals, expirations) Ensure risk processes are executed consistently, on time, and in accordance with defined methodologies. Act as a subject matter expert for risk process guidance to technology, security, and business teams. Risk Tracking, Reporting & Dashboards Design, build, and maintainrisk dashboards and reportingthat provide transparency into: Open risk issues and remediation status Exception volumes, aging, risk aggregation and trends Risk assessment outcomes and key risk indicators (KRIs) Translate risk data into meaningful insights for senior leadership, customers and risk committees. Ensure accuracy, completeness, and audit-readiness of risk data across systems. Stakeholder & Governance Engagement Partner closely with Customers, Senior and Executive Leaders, Legal and other groups, to drive timely remediation and risk ownership. Support internal and external audits, regulatory inquiries, and risk governance forums with clear documentation and reporting. Process Improvement & Tooling Identify opportunities to streamline and automate risk operations workflows. Support enhancements to GRC and risk tooling, including requirements definition, testing, and adoption. Contribute to the maturation of the Integrated Risk Management operating model. Basic Qualifications: Experience: 6 + years of experience in Technology Risk, Cyber Risk, GRC, or IT Risk Management. Hands-on experience running technology risk assessments, issue management, exception processes and maintaining control libraries, policies, and standards. Familiarity with GRC platforms. Education : Bachelor’s degree in Cybersecurity, Information Technology, Computer science or a related field. Technical Expertise : Strong knowledge of technology control frameworks (e.g., NIST CSF/800-53, ISO 27001, CIS). Proven ability to create risk dashboards and executive-level reporting. Strong analytical, documentation, and process design skills Language Skills : Excellent stakeholder management and communication skills. Proficient in English for effective communication and coordination. Preferred Qualifications: Experience : Team leadership experience working within aCISO organizationor large enterprise technology environment. Implementation or maintenance experience withGRC platforms. 3+yrs experience in a top tier professional services firm, performing technology audit and/or risk management engagements. Education and Certifications : Masters degree in Cybersecurity, Information Technology, Computer Science or a related discipline is preferred. Industry-recognized credentials such as CISSP, CISM, CRISC, or ISO 27001 Lead Implementer are highly desirable. Language Skills : Bi-lingual in English and Korean language proficiency is preferred to support global coordination and communication. Team Culture: The team fosters a high-performance, collaborative environment centered around proactive technology risk management and excellent customer service. Members are expected to lead with accountability, communicate effectively across functions, and adapt to dynamic challenges. The culture values technical excellence, continuous improvement, and global coordination, ensuring technology risks are well managed. Base Salary Range: $120,000 - $150,000 Powered by JazzHR sGTsKOfrr7