Wolters Kluwer Global Business Services (GBS) is designed to provide services tothe business units in the areas of technology, sourcing, procurement, legal, finance, and human resources. These global centers promote team collaboration using best practices around a specific focus area to drive results and enhance operational efficiencies. There is a constant endeavor to benchmark against best-in-class industry standards to improve the quality of deliverables, increase cost savings, enhance productivity and reduce time to market for products and applications.
We have an amazing opportunity for an Advisory Security Services Director, available within our Global Business Services division! This position has been created due togrowth! Our Advisory Security Services Director will be responsible for workingclosely with project teams and internal / external groups to protect and enhance the confidentiality, integrity, and availability of Wolters Kluwer assets.
This is an Individual Contributor Role, managing the process, requirements, qualifications, project teams, and delivery of all services, however, will not have direct reports. Growth is anticipated as this role expands! This is a key position for a Security Expert to use their experience and skill to grow in this role accordingly.
As the Advisory Security Services Director, you will be primarily responsible for developing and implementing programs to protect information assets owned and in use at Wolters Kluwer. In this role, you will be required to have proficiency informulating IT risk strategies at every aspect of security management. Your role willalso include coordination with 3rd party audits, internal audits, vendor due diligence, and IT global information security initiatives and compliance tasks and/or projects.You will provide information security guidance to executive leadership byrecommending information security investments which mitigate risks, strengthen defenses, and reduce vulnerabilities for development, internal and client-facing systems and products.
- Support VP of Global Information Security in creating and implementing a strategy for the deployment of information security technologies
- Define and support the development of additional IT control framework, enforce global controls, and monitor/report security performance application within the assigned division or business units
- Coordinate audit and regulatory inquiries, external customers and vendor activities to help represent the Wolters Kluwer business units from an information security, risk and technology risk perspective Performing IT security risk assessments and reporting on ways to minimize threats
- Tracking latest IT security innovations and keeping abreast of latest cyber security technologies
- Overseeing the investigation of reported security breaches and develop strategies to handle security incidents and trigger investigations
- Responsible for managing and coordinating the information security, technology risk, vendor relationship management, product selection and negotiation of contracts for the assigned division or business units
- Coordinate and lead security policy and IT risk management forums withoperations and engineering leads as required to resolve outstanding/pending issues before requiring further escalation
- Work with divisional management to develop long term strategy, annual security plans, budget and tactical plans to reduce the IT risk
- Orchestrate the analysis and delivery of findings to internal customers with impactful, comparative, interpretative security analysis in a clear, consistent, and factual manner.
- Facilitate the tracking and reporting on divisional and business units' metrics, results, data modelling, processing, calculating and transformation into meaningful metrics and reports
- Stay abreast of the most recent security management frameworks, compliance processes and continually sharpen skills and capabilities
DivisionGlobal Business ServicesLocation(s)111 Eighth Ave 13th Floor, New York, NY; Remote Location, Any US City, Nationwi; 2700 Lake Cook Rd, Riverwoods, IL; Two Commerce Square 2001 Market St, Philadelphia, PA; One Corporate Center 20 Church St, Hartford, CT; 230 Third Ave, Waltham, MA; 9111 East Douglas Suite 200, Wichita, KS; 100 South Fifth St Fifth Street Towers, Minneapolis, MN; 225 Chastain Meadows Ct NW Suite 200, Kennesaw, GAQualifications
- Bachelor's Degree. Prefer MIS/Computer Science or Engineering but willconsider other verticals
- Preferred certifications: CISSP, ISO, QSA, CRISC, CISM
- 5+ years-of demonstrated experience in information security management, security engineering,
- 4+ years of hands on experience / knowledge of industry standards asthey relate to IT Risk Frameworks
- 4+ Experience with in shared services model, vendor and managed security services management, enterprise wide transition and transformation programs
- Experience with governance, IT general control framework, ISo2700x, HiTrust, Cobit, ITIL, etc.
- An ability to communicate complex and technical issues to diverse audiences, orally and in writing, in an easily-understood, authoritative, and actionable manner
- Strong knowledge of the following areas of technical expertise: information policy formulation, information security management, business risk management, IT risk assessment and management, IT continuity management, IT governance formulation, organizational change management, IT financial management, and IT audit
- Deep experience implementing and leading information security policy and risk management programs with regard to regulation and guidance
- In-depth and hands on expertise to guide the organization on current information security and IT risk management frameworks and threats, and ability to recommend means to address those threats
- Strong influencing skills and the ability to champion security and educate staff on the latest security risk, software protection, assurance methods and technologies
- Strong work ethic, excellent use of discretion and judgment, and themature ability to establish credibility and rapport with senior executives and technical and non-technical team members
- Strong understanding of security requirements in the application development life cycle
- Experience in organizing change management, awareness and training for end users, as well as acting as an internal consultant to IT leaders, Architects and Operations for planning and implementing IT initiatives
- Strong technical management skills in overseeing security assessments ofexternal service providers, providing security guidance, and overseeing mock security breach exercises
- Strong project management and business requirement development skills in a very fast paced, complex, and demanding environment
- Preferred Experience with GDPR and GDPR compliance implementations
- Knowledge of computer networks, hardware, operating systems, and software including understanding of application and patch development
- Experience and preferred SME knowledge of the one or more of thefollowing: ISO, NIST 800-53, NIST/CSF and/or PCI
- Occasional Domestic or International Travel, up to 25%
Wolters Kluwer N.V. (AEX: WKL) is a global leader in information services and solutions for professionals in the health, tax and accounting, risk and compliance, finance and legal sectors. We help our customers make critical decisions every day by providing expert solutions that combine deep domain knowledge withspecialized technology and services.
Wolters Kluwer reported 2017 annual revenues of €4.4billion. The company, headquartered in Alphen aan den Rijn, the Netherlands, serves customers in over 180 countries, maintains operations in over 40 countries and employs 19,000 people worldwide. Wolters Kluwer shares are listed on Euronext Amsterdam (WKL) and are included in the AEX and Euronext 100 indices.