Job Details

Cyber Defense, Application Security Engineer II

Location Irvine, CA

Company Overview Hyundai AutoEver America (HAEA), the dynamic IT powerhouse behind Hyundai Motor Corporation, a Fortune 500 global leader in the automotive industry. As a key affiliate, we provide cutting-edge IT services and support to top brands including Kia, Genesis, Hyundai Translead, Hyundai Mobis, Hyundai Capital, and Glovis. HAEA offers a truly global and collaborative environment. Here, you'll drive innovation, boost operational efficiency, and help shape the future of mobility for the Hyundai Motor Group. At HAEA, we understand that IT is the cornerstone of today's fast-evolving digital world. By uniting all IT resources under one roof, we deliver consistent, top-quality solutions while serving as the crucial information link between Hyundai's Global Headquarters and North American operations. If you're passionate about technology and eager to make a real impact at a world-class company, Hyundai AutoEver America is the place to grow your career. Join us and be part of the transformation that's driving the future of automotive innovation.

What You Will Be Doing

The Application Security Engineer II plays a key role in strengthening application security across the software development lifecycle. This role sits within the Cyber Defense organization and is responsible for defining and documenting Secure SDLC requirements, developing and managing a hardened cloud container image repository, and embedding automated security testing into CI/CD pipelines. The role requires hands-on technical capability combined with the ability to define standards, influence development teams, and ensure vulnerabilities are identified and remediated before final build and release, in alignment with agreed remediation timelines. The key responsibilities of this role are as described below:

• Secure SDLC Requirements & Standards
• Container Security & Hardened Images
• CI/CD Security Tooling & Integration
• Vulnerability Management & Remediation
• Collaboration & Enablement

Basic Qualifications:

• Experience: 5+ years of experience in Application Security, Product Security, or Secure Software Engineering with hands-on experience defining and implementing Secure SDLC requirements. Experience integrating SAST, DAST, and open-source vulnerability scanning into CI/CD pipelines
• Education : Bachelor's degree in Cybersecurity, Information Technology, Computer science or a related field.
• Technical Expertise : Practical experience securing containerized applications and managing hardened container images. Strong understanding of common application vulnerabilities (e.g., OWASP Top 10), modern CI/CD workflows and DevOps practices and secure coding and build processes. Strong troubleshooting and collaboration skills.
• Language Skills : Excellent stakeholder management and communication skills. Proficient in English for effective communication and coordination.

Preferred Qualifications:

• Experience : Hands on experience with industry leading Application Security tools for SAST, DAST and Opensource scanning. Experience with container platforms and registries (e.g., Docker, Kubernetes) and working in cloud-native application environments. Working knowledge of application threat modeling techniques is a plus.
• Education and Certifications : Masters degree in Cybersecurity, Information Technology, Computer Science or a related discipline is preferred. Industry-recognized credentials such as CISSP, CISM, or Application Security specific certifications (CSSLP, GWAPT, etc) are highly desirable.
• Language Skills : Bi-lingual in English and Korean language proficiency is preferred to support global coordination and communication.

Team Culture: The team fosters a high-performance, collaborative environment centered around proactive technology risk management and excellent customer service. Members are expected to lead with accountability, communicate effectively across functions, and adapt to dynamic challenges. The culture values technical excellence, continuous improvement, and global coordination, ensuring technology risks are well managed. Base Salary Range: $120,00 - $170,000