Sr. Risk Operation Analyst - Integrated Risk Management "IRM

Integrated Risk Management, Sr. Risk Operations Analyst

Location – Irvine, CA

Hyundai Auto Ever America (HAEA), the dynamic IT powerhouse behind Hyundai Motor Corporation, a Fortune 500 global leader in the automotive industry. As a key affiliate, we provide cutting‑edge IT services and support to top brands including Kia, Genesis, Hyundai Translead, Hyundai Mobis, Hyundai Capital, and Glovis. HAEA offers a truly global and collaborative environment. Here, you’ll drive innovation, boost operational efficiency, and help shape the future of mobility for the Hyundai Motor Group.

At HAEA, we understand that IT is the cornerstone of today’s fast‑evolving digital world. By uniting all IT resources under one roof, we deliver consistent, top‑quality solutions while serving as the crucial information link between Hyundai’s Global Headquarters and North American operations. If you’re passionate about technology and eager to make a real impact at a world‑class company, Hyundai Auto Ever America is the place to grow your career.

Join us and be part of the transformation that’s driving the future of automotive innovation.

The Risk Operations Senior Analyst plays a critical role within the Integrated Risk Management team, supporting the CISO organization by operating and continuously improving core technology risk processes. This role is responsible for maintaining the technology control library, policies, and standards, and for executing risk operations including Technology Risk Assessments, Risk Issue Management, and Risk Exception Management. The role also owns risk data integrity and reporting, producing dashboards and insights that track remediation progress, risk posture, and control effectiveness across the organization.

This position requires a blend of risk expertise, operational rigor, stakeholder management, and strong analytical and reporting skills.

• Maintain and evolve the enterprise technology control library, ensuring alignment with internal policies, standards, and external frameworks (e.g., NIST CSF 2.0, ISO 27001, CIS).
• Own the lifecycle management of technology risk policies and standards, including updates, reviews, approvals, and communications.
• Ensure controls, policies, and standards are clearly mapped to regulatory, legal, and business requirements.

• Run and continuously improve core Risk Operations processes, including:
  • Technology Risk Assessments (consistently assessing inherent risk, control effectiveness within the environment).
  • Risk Issue Management (identification, validation, remediation tracking, closure).
  • Risk Exception Management (intake, assessment, approvals, renewals, expirations).
• Ensure risk processes are executed consistently, on time, and in accordance with defined methodologies.
• Act as a subject matter expert for risk process guidance to technology, security, and business teams.

• Design, build, and maintain risk dashboards and reporting that provide transparency into:
  • Open risk issues and remediation status.
  • Exception volumes, aging, risk aggregation and trends.
  • Risk assessment outcomes and key risk indicators (KRIs).
• Translate risk data into meaningful insights for senior leadership, customers and risk committees.
• Ensure accuracy, completeness, and audit‑readiness of risk data across systems.

• Partner closely with Customers, Senior and Executive Leaders, Legal and other groups, to drive timely remediation and risk ownership.
• Support internal and external audits, regulatory inquiries, and risk governance forums with clear documentation and reporting.

• Identify opportunities to streamline and automate risk operations workflows.
• Support enhancements to GRC and risk tooling, including requirements definition, testing, and adoption.
• Contribute to the maturation of the Integrated Risk Management operating model.

• Experience:
  
  7+ years in Technology Risk, Cyber Risk, GRC, or IT Risk Management. Hands‑on experience running technology risk assessments, issue management,…