Wolters Kluwer Advisory Security Services Director, Global Business Services in Lansing, Michigan
Wolters Kluwer Global Business Services (GBS) is designed to provide services to the business units in the areas of technology, sourcing, procurement, legal, finance, and human resources. These global centers promote team collaboration using best practices around a specific focus area to drive results and enhance operational efficiencies. There is a constant endeavor to benchmark against best-in-class industry standards to improve the quality of deliverables, increase cost savings, enhance productivity and reduce time to market for products and applications.
We have an amazing opportunity for an Advisory Security Services Director, available within our Global Business Services division! This position has been created due to growth! Our Advisory Security Services Director will be responsible for working closely with project teams and internal / external groups to protect and enhance the confidentiality, integrity, and availability of Wolters Kluwer assets.
This is an Individual Contributor Role, managing the process, requirements, qualifications, project teams, and delivery of all services, however, will not have direct reports. Growth is anticipated as this role expands! This is a key position for a Security Expert to use their experience and skill to grow in this role accordingly.
As the Advisory Security Services Director, you will be primarily responsible for developing and implementing programs to protect information assets owned and in use at Wolters Kluwer. In this role, you will be required to have proficiency in formulating IT risk strategies at every aspect of security management. Your role will also include coordination with 3rd party audits, internal audits, vendor due diligence, and IT global information security initiatives and compliance tasks and/or projects.You will provide information security guidance to executive leadership by recommending information security investments which mitigate risks, strengthen defenses, and reduce vulnerabilities for development, internal and client-facing systems and products.
Support VP of Global Information Security in creating and implementing a strategy for the deployment of information security technologies
Define and support the development of additional IT control framework, enforce global controls, and monitor/report security performance application within the assigned division or business units
Coordinate audit and regulatory inquiries, external customers and vendor activities to help represent the Wolters Kluwer business units from an information security, risk and technology risk perspective Performing IT security risk assessments and reporting on ways to minimize threats
Tracking latest IT security innovations and keeping abreast of latest cyber security technologies
Overseeing the investigation of reported security breaches and develop strategies to handle security incidents and trigger investigations
Responsible for managing and coordinating the information security, technology risk, vendor relationship management, product selection and negotiation of contracts for the assigned division or business units
Coordinate and lead security policy and IT risk management forums with operations and engineering leads as required to resolve outstanding/pending issues before requiring further escalation
Work with divisional management to develop long term strategy, annual security plans, budget and tactical plans to reduce the IT risk
Orchestrate the analysis and delivery of findings to internal customers with impactful, comparative, interpretative security analysis in a clear, consistent, and factual manner.
Facilitate the tracking and reporting on divisional and business units' metrics, results, data modelling, processing, calculating and transformation into meaningful metrics and reports
Stay abreast of the most recent security management frameworks, compliance processes and continually sharpen skills and capabilities
Bachelor's Degree. Prefer MIS/Computer Science or Engineering but will consider other verticals
Preferred certifications: CISSP, ISO, QSA, CRISC, CISM
5+ years-of demonstrated experience in information security management, security engineering,
4+ years of hands on experience / knowledge of industry standards as they relate to IT Risk Frameworks
4+ Experience with in shared services model, vendor and managed security services management, enterprise wide transition and transformation programs
Experience with governance, IT general control framework, ISo2700x, HiTrust, Cobit, ITIL, etc.
An ability to communicate complex and technical issues to diverse audiences, orally and in writing, in an easily-understood, authoritative, and actionable manner
Strong knowledge of the following areas of technical expertise: information policy formulation, information security management, business risk management, IT risk assessment and management, IT continuity management, IT governance formulation, organizational change management, IT financial management, and IT audit
Deep experience implementing and leading information security policy and risk management programs with regard to regulation and guidance
In-depth and hands on expertise to guide the organization on current information security and IT risk management frameworks and threats, and ability to recommend means to address those threats
Strong influencing skills and the ability to champion security and educate staff on the latest security risk, software protection, assurance methods and technologies
Strong work ethic, excellent use of discretion and judgment, and the mature ability to establish credibility and rapport with senior executives and technical and non-technical team members
Strong understanding of security requirements in the application development life cycle
Experience in organizing change management, awareness and training for end users, as well as acting as an internal consultant to IT leaders, Architects and Operations for planning and implementing IT initiatives
Strong technical management skills in overseeing security assessments of external service providers, providing security guidance, and overseeing mock security breach exercises
Strong project management and business requirement development skills in a very fast paced, complex, and demanding environment
Preferred Experience with GDPR and GDPR compliance implementations
Knowledge of computer networks, hardware, operating systems, and software including understanding of application and patch development
Experience and preferred SME knowledge of the one or more of the following: ISO, NIST 800-53, NIST/CSF and/or PCI
Occasional Domestic or International Travel, up to 25%
Wolters Kluwer N.V. (AEX: WKL) is a global leader in information services and solutions for professionals in the health, tax and accounting, risk and compliance, finance and legal sectors. We help our customers make critical decisions every day by providing expert solutions that combine deep domain knowledge with specialized technology and services.
Wolters Kluwer reported 2017 annual revenues of €4.4billion. The company, headquartered in Alphen aan den Rijn, the Netherlands, serves customers in over 180 countries, maintains operations in over 40 countries and employs 19,000 people worldwide. Wolters Kluwer shares are listed on Euronext Amsterdam (WKL) and are included in the AEX and Euronext 100 indices.
For more information about our solutions and organization, visit www.wolterskluwer.com, follow us on Twitter, Facebook, LinkedIn, and YouTube.
EQUAL EMPLOYMENT OPPORTUNITY
Wolters Kluwer U. S. Corporation and all of its subsidiaries, divisions and customer/business units is an Equal Opportunity / Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or protected veteran status.
Equal Opportunity Employer Minorities/Women/Protected Veterans/Disabled