Hybrid Locations: USA-NY-New York-Liberty St, USA-CO-Denver-South Syracuse St, USA-DE-Wilmington-Orange St, USA-FL-Tampa-West Boy Scout Blvd, USA-GA-Kennesaw-Chastain Meadows Ct NW, USA-IL-Chicago-West Adams St, USA-MA-Waltham-Third Ave, USA-MD-Baltimore-West Pratt Street, USA-PA-Philadelphia-Market St, USA-TX-Austin-Brazos St, USA-TX-Coppell-Rombauer Rd, USA-TX-Houston-Allen Pkw
Wolters Kluwer is looking for an accomplished and experienced IT Security Associate Director - Security Governance Lead to join our Strategic Security Services team within Global Information Security. This critical role will oversee and improve our global IT & Cybersecurity Governance, Risk, Regulatory Change, Metrics, and Reporting functions. You will have expertise in governance, risk management, and compliance, with experience navigating multiple security frameworks, leading complex technical programs, and advancing IT risk and control capabilities. The IT Security Associate Director will report to the head of Strategic Security Services.
Key Responsibilities:
- Lead comprehensive cybersecurity governance, risk management, and compliance projects.
- Develop and refine policies, standards, and procedures to ensure understanding of main control frameworks.
- Monitor and anticipate regulatory changes, promoting knowledge sharing, readiness analysis, and compliance reporting.
- Establish and maintain cybersecurity metrics, KPIs, and KRIs for senior leadership and both technical and non-technical partners.
- Serve as a liaison between senior leadership and technical teams, effectively translating complex security issues into strategic business risks and objectives.
- Promote the development and implementation of a Common Controls Framework for IT & Security risk management, aligned with sources such as NIST 800-53, NIST CSF, ISO 27001, DORA, GDPR, PCI DSS, and others.
- Provide expert guidance to enhance critical IT Risk management capabilities, including control taxonomy development, GRC tool deployment, and the expansion and maturation of risk treatment programs.
- Analyze cross-functional security indicators to identify thematic risks and trends and contribute to the formulation of both annual and multi-year strategies that balance business needs and industry best practices.
- Support delivery of technical programs spanning Identity and Access Management (IGA/CIEM/Privileged Access), Security Operations, Application Security, Cloud Security, and other security domains.
- Provide risk-based consultative feedback and identify technical issues across main technology and security domains.
Required Skills:
- Extensive knowledge and practical experience with security frameworks and compliance requirements.
- Proven leadership experience in managing teams and/or program delivery.
- Strong expertise in cybersecurity governance, risk management, and IT audit processes.
- Comprehensive experience with risk assessment, control development, control testing, and operational risk management practices.
- Strong background with key technical domains, capabilities, concepts, and broad operating environments including but not limited to: Identity and Access Management, Cloud Security, Cyber Operations, Threat Intelligence, Vulnerability Management, and Hybrid Cloud environments.
- Exposure to emerging technologies and future-state threats and experience developing strategies and capabilities to mitigate them.
- Experience working with and/or managing contractors/third-party providers as well as experience drafting and reviewing RFPs and responses.
- Experience building programs and capabilities based on leading-edge controls frameworks, standards, and methodologies.
- Demonstrated ability to develop, implement, and manage security policies, standards, and metrics.
- Experience with presenting to senior executives, regulators, and non-technical stakeholders.
- Excellent communication skills, with the ability to distill technical issues into clear and actionable business risks.
- Preferred certifications: CISA, CISSP, CRISC, CISM, CEH, CCNA, etc.
- Strategic thinker with a demonstrated ability to manage and deliver complex projects and programs independently.
- Strong influencing skills, capable of driving change and executing sophisticated strategies.
Qualifications:
- Bachelor's degree in Information Technology, Computer Science, Cybersecurity, or a related field.
- 7+ years of experience in cybersecurity, risk management, IT governance, and regulatory compliance.
- 5+ years of experience developing control frameworks and working with technology teams to implement technical controls guidelines and solutions.
- Experience with highly regulated industries is required; experience within highly regulated industries is preferred.
Benefits:
A comprehensive benefits package that begins your first day of employment. Wolters Kluwer offers great benefits and programs to help meet your needs and balance your work and personal life, including Medical, Dental, & Vision Plans, 401(k), FSA/HSA, Commuter Benefits, Tuition Assistance Plan, Vacation and Sick Time, and Paid Parental Leave.
Diversity Matters
Wolters Kluwer strives for an inclusive company culture in which we attract, develop, and retain diverse talent to achieve our strategy. As a global company, having a diverse workforce is of the utmost importance.
Compensation:
Target salary range CA, CT, CO, HI, NY, WA: $176,600-$249,950
EQUAL EMPLOYMENT OPPORTUNITY
Wolters Kluwer U.S. Corporation and all of its subsidiaries, divisions and customer/business units are Equal Opportunity / Affirmative Action employers. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or protected veteran status.