Sr. Manager, Data Loss Prevention - (250000BO)
Description
Who We Are
Through our service brands Hyundai Motor Finance, Genesis Finance, and Kia Finance, Hyundai Capital America offers a wide range of financial products tailored to meet the needs of Hyundai, Genesis, and Kia customers and dealerships. We provide vehicle financing, leasing, subscription, and insurance solutions to over 2 million consumers and businesses. Embodying our commitment to grow, innovate, and diversify, we strive to reimagine the customer and dealer experience and launch innovative new products that broaden our market reach. We believe that success comes from within and are proud to support our team members through skill development and career advancement. Hyundai Capital America is an Equal Opportunity Employer committed to creating a diverse and inclusive culture for our workforce. We are a values-driven company dedicated to supporting both internal and external communities through volunteering, philanthropy, and the empowerment of our Employee Resource Groups. Together, we strive to be the leader in financing freedom of movement.
We Take Care of Our People
Along with competitive pay, as an employee of HCA, you are eligible for the following benefits:
- Medical, Dental and Vision plans that include no-cost and low-cost plan options
- Immediate 401(k) matching and vesting
- Vehicle purchase and lease discounts plus monthly vehicle allowances
- Paid Volunteer Time Off with company donation to a charity of your choice
- Tuition reimbursement
What to Expect
The Sr. Manager, Data Loss Prevention (DLP) will lead the design, implementation, and management of the organization’s DLP program, ensuring the protection of sensitive financial data (e.g., PII, payment card data, intellectual property) across endpoints, networks, and cloud environments. Reporting to the Director of Cybersecurity Engineering & Operations, this role will manage a team of DLP engineers and analysts, oversee DLP platform operations, and collaborate with cross-functional teams to align data protection strategies with business objectives and financial regulations (e.g., PCI DSS, GDPR, Korean SOX, FFIEC, etc.). innovation in data security and compliance.
What You Will Do
1. DLP Program Strategy and Leadership:
- Program Ownership: Lead the end-to-end management of the DLP program, including strategy, policy development, and implementation of DLP solutions (e.g., Symantec DLP, Microsoft Purview, etc.).
- Strategic Roadmap: Develop and execute a multi-year DLP strategy aligned with organizational goals, zero-trust principles, and financial industry trends.
- Team Leadership: Manage, mentor, and develop a team of DLP engineers and analysts, fostering a culture of technical excellence, collaboration, and continuous improvement.
- Cross-Functional Collaboration: Partner with IT Infrastructure, IT Applications, DevOps, Legal and Data Privacy, Information Protection Governance and business units to integrate security into digital transformation initiatives.
- Executive Reporting: Present DLP strategies, risks, and performance metrics to the Director of Cybersecurity Engineering & Operations, CISO, and senior leadership, translating technical details into business impacts.
2. DLP Platform Operations:
- Policy Development and Enforcement: Define and enforce DLP policies to prevent unauthorized data exfiltration, covering email, web, cloud, and endpoint channels, tailored to financial data (e.g., credit card numbers, customer PII).
- Data Classification: Implement, manage and maintain the data classification and tagging systems to identify, prioritize, and protect sensitive assets, ensuring compliance with GDPR, PCI DSS, and other regulations.
- Monitoring and Incident Response: Oversee real-time monitoring of data flows using DLP tools integrated with SIEM platforms (e.g., Splunk) and lead rapid response to DLP incidents, such as data leaks or policy violations.
- Endpoint and Cloud Protection: Deploy and maintain DLP controls across endpoints (e.g., laptops, mobile devices) and cloud platforms (e.g., AWS, Azure, Google Cloud and Oracle Cloud) to secure data in hybrid environments.
- Performance Metrics: Establish and track KPIs (e.g., incident detection rates, false positive rates, policy violation resolution times) to measure DLP program effectiveness and compliance.
3. Technical Innovation and Automation:
- Automation: Drive automation of DLP processes (e.g., policy enforcement, incident triage) using scripting (e.g., Python, PowerShell) and workflow tools to improve efficiency and reduce false positives.
- AI and Analytics: Leverage AI-driven DLP analytics (e.g., behavioral analysis, content inspection) to detect and prevent sophisticated data loss scenarios, such as insider threats or targeted exfiltration.
- Integration: Ensure seamless integration of DLP platforms with IAM systems (e.g., SailPoint, CyberArk, etc.), SIEM, and financial systems (e.g., core banking, payment gateways) to enhance visibility and control.
- Tool Optimization: Continuously evaluate and optimize DLP tools and configurations to balance security, performance, and user experience in financial operations.
- Continuous Improvement: Conduct regular program assessments and gap analyses to identify opportunities for optimization and innovation in data protection.
4. Compliance and Risk Management:
- Regulatory Compliance: Ensure DLP practices meet financial regulations (e.g., PCI DSS, GDPR, SOX, FFIEC, NYDFS) through policy enforcement, audit-ready reporting, and regular risk assessments.
- Risk Assessments: Conduct data risk assessments to identify and mitigate vulnerabilities, such as unsecured data repositories or misconfigured cloud storage.
- Vendor Management: Evaluate and manage relationships with DLP vendors (e.g., Symantec, Microsoft) and Managed Security Service Providers (MSSPs) to ensure platform reliability and alignment with security goals.
- Policy Development: Develop and maintain DLP policies, standards, and procedures in line with industry frameworks (e.g., NIST 800-53, ISO 27001).
5. Team Management and Development:
- Team Management: Lead, mentor, and develop a team of DLP engineers, analysts, and architects, fostering a culture of innovation and accountability.
Qualifications
What You Will Bring
- Minimum 8 years progressive experience in cybersecurity, with at least 3 years in a technical leadership or managerial role overseeing DLP programs or data security operations.
- 3+ years of experience in financial services, with a strong understanding of financial data threats (e.g., data breaches, fraud) and regulations (e.g., PCI DSS, Korean SOX, GDPR).
- Hands-on experience designing and managing enterprise-grade DLP platforms (e.g., Symantec DLP, Microsoft Purview, etc.).
- Proven track record of implementing data classification, policy enforcement, and incident response in complex, regulated environments
- Bachelor’s degree in Computer Science, Information Security, or related field; advanced degree preferred
- At least one of the following: CISSP, CISM, CISA, or equivalent. DLP-specific certifications (e.g., Certified DLP Professional) are a plus.
- Knowledge of security frameworks such as NIST, ISO 27001, and COBIT.
- Technical leader with deep DLP expertise, and the ability to drive innovation in data security and compliance.
- Expertise in DLP platforms (e.g., Symantec DLP, Microsoft Purview, etc.) and data protection technologies (data classification, encryption, tokenization).
- Proficiency in cloud security (AWS, Azure, Google Cloud, Oracle Cloud) and securing data in hybrid environments.
- Strong knowledge of SIEM integration (e.g., Splunk, etc.) and data analytics for threat detection.
- Experience with automation and scripting (e.g., Python, PowerShell, Bash) for DLP workflows.
- Familiarity with financial systems (e.g., core banking platforms, payment gateways) and their data security requirements.
Preferred
- Experience with AI-driven DLP analytics or behavioral analysis tools for proactive data loss prevention.
- Familiarity with IAM integration (e.g., SailPoint, CyberArk) for comprehensive data security.
- Knowledge of DevSecOps and secure software development lifecycles (SDLC) in financial applications.
- Experience managing MSSP relationships for DLP support.
- Understanding of emerging DLP trends, such as cloud-native DLP or insider threat prevention.
Work Environment
Employees in this class are subject to extended periods of sitting, standing and walking, vision to monitor and moderate noise levels. Work is performed in an office environment.
The posted salary range for this job takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; geographic location, and other business and organizational needs. Successful candidates may be hired anywhere in the salary range based on these factors. It is uncommon to hire candidates at or near the top of the range.
California Privacy Notice
This notice only applies to our applicants who reside in the State of California.
The latest version of our Privacy Policy can be found here. This Privacy Policy provides you with notice, at or before the point of collection, about the categories of personal information to be collected from you, the purposes for which your personal information is collected or used, and whether that information is sold or shared, so that you can exercise meaningful control over our use of your personal information. We are providing this notice to comply with the California Consumer Privacy Act of 2018, as amended by the California Privacy Rights Act of 2020 (“CCPA”).
If you have any questions about CCPA regarding California residents or HCA team members, please contact the Privacy Team at Privacy2@hcs.com.
Primary Location: United States-California-Irvine
Work Locations: Headquarters 1, 3161 Michelson Dr. Ste 1900, Irvine 92612
Job: IT Application
Job Type: Regular
Overtime Status: Exempt
Schedule: Full-time
Minimum Salary: $140,500.00
Maximum Salary: $217,800.00
Job Posting: May 16, 2025