
Integrated Risk Management Head of Department


Hyundai AutoEver America


Location:
United States, Irvine

Category:
IT - Administration


Contract Type:
Not provided


Salary:

181240.00 - 259160.00 USD / Year

Job Description:

The Integrated Risk Management (IRM) Head of Department is a senior leadership role responsible for maintaining and leading the governance, risk, and compliance (GRC) functions that enable the effective management of information security risk across the enterprise and business units. This leader will update and operationalize a cohesive IRM strategy that aligns with corporate and business unit objectives, regulatory requirements, and global business operations.

Job Responsibility:

  • Oversee the enterprise-wide risk management lifecycle, including risk assessments, risk issue management, and risk exception management processes
  • Develop, update and maintain frameworks for identifying, assessing, mitigating, and monitoring security and operational risks
  • Ensure that risk posture and metrics are accurately reported to executive leadership, governance committees, business units and fellow heads of department
  • Lead the Information Security compliance program, ensuring alignment with regulatory and industry frameworks (e.g., ISO 27001, SOC 2, NIST)
  • Coordinate and manage internal and external audits, assessments, and attestations
  • Partner with Legal, Privacy, and other control functions to ensure consistent and effective control implementation and testing
  • Lead the Third-Party Risk Management (TPRM) program, utilizing a risk-based due diligence, ongoing monitoring, and remediation process
  • Collaborate with Procurement, Legal, and business stakeholders to ensure integration of vendor risk management into the enterprise risk framework
  • Oversee the maintenance and governance of information security policies, standards, and procedures
  • Ensure policies reflect best practices, regulatory expectations, and evolving threat landscapes
  • Establish governance forums for policy exceptions and periodic reviews
  • Ensure adoption of relevant policies and standards across business units
  • Direct the Information Security Training and Awareness program, promoting a strong security culture throughout the organization
  • Develop metrics and campaigns to measure awareness effectiveness and employee engagement
  • Serve as a trusted advisor to the CISO and executive management, providing insights on risk posture, compliance maturity, and control effectiveness
  • Build and lead a high-performing GRC team across North America
  • Lead the maintenance and continuous evolution of the GRC platform to meet enterprise and business unit needs
  • Drive continuous improvement through automation, data-driven decision-making, and integration of IRM technologies and platforms

Requirements:

  • 15–20 years of progressive experience in Information Security and GRC
  • Proven track record managing global risk and compliance programs in complex, multinational organizations
  • Familiarity with ISO 27001, NIST CSF, SOC 2 Type II or similar security and risk management frameworks
  • Experience leading audits, certifications, and regulatory assessments
  • Strong stakeholder management and communication skills, with the ability to influence across all organizational levels and business units
  • Bachelor’s degree in Information Security, Risk Management, or related field

Nice to have:

  • Master's degree in Cybersecurity, Risk Management or Business Administration is preferred
  • Industry-recognized credentials (such as CISSP, CISM, CRISC, CGEIT, ISO 27001 Lead Implementer/Auditor) preferred
  • Deep understanding of risk management frameworks (NIST, ISO 31000, COSO), security standards (ISO 27001, NIST CSF), and regulatory requirements (GDPR, PCI DSS, etc.) is preferred
  • Bilingual proficiency in English and Korean is preferred to support global coordination and communication
  • Background in cybersecurity consulting or advisory services, particularly in risk management, is a plus

Additional Information:

Job Posted:
December 09, 2025

Employment Type:
Full-time
Work Type:
On-site work