Wolters Kluwer
Security Compliance Director – R0008054
Wolters Kluwer is a global leader in professional information services.
Professionals in the areas of legal, business, tax, accounting, finance, audit, risk, compliance and healthcare rely on Wolters Kluwer’s market leading information-enabled tools and software solutions to manage their business efficiently, deliver results to their clients, and succeed in an ever more dynamic world.
Wolters Kluwer combines deep domain knowledge with specialized technology.
Our portfolio offers software tools coupled with content and services that customers need to make decisions with confidence.
Every day, our customers make critical decisions to help save lives, improve the way we do business, and build better judicial and regulatory systems.
We help them get it right.
Financial Information Services (FIS) offers financial product compliance and underwriting risk management solutions to the financial services market.
This business area brings its solutions to market as Wolters Kluwer Compliance Services and Lien Solutions.
Responsibilities
Manage a small team of security, audit and compliance analysts.
Ensure cyber security measures are in place.
Lead and participate in the vulnerability and penetration testing projects to detect and address vulnerabilities.
Manage effort to remediate vulnerabilities and client audit findings.
Lead all efforts to maintain and direct a comprehensive Audit and Compliance Program based upon industry standard best practices and compliance mandates.
Represent the company in internal and external audits and ensure all contracts/proposals are in compliance with Lien Solutions policies and procedures.
Lead and respond to internal, external and client-based security and due diligence audits.
Construct and conduct 3rd party and vendor IT security assessments and audits in conjunction with the GBS (Global Business Services) Vendor Relations Manager.
Partner with GBS in the development, enforcement, and maintenance of security policies, procedures, practices, controls, and mechanisms to protect the confidentiality, integrity of data/information and to prevent, detect, contain, and correct information security deficiencies.
Lead the implementation of GRC (Governance Risk Compliance) privacy initiatives within Lien Solutions.
Establish, maintain and assess the Lien Solutions compliance framework and IT risk assessment process.
Identify security protection goals, objectives and metrics consistent with enterprise best practices and GBS directives.
Promote a culture that considers information security in all activities.
Support IT teams and Scrums on security-related services and on projects including deployment and maintenance of policy enforcement tools, techniques, and reporting.
Participate in change and configuration control processes and reviews.
Raise security awareness among the IT staff and business stakeholders.
Work in conjunction with various Lien Solutions cross-functional teams to assist reviews for SOWs, MSAs and contracts.
Work with outside consultants for independent SOC security audits and assessments.
Work to understand, assess and provide guidance on emerging security-related guidance as related to the OCC, FDIC and FFIEC, as well as other regulators within the financial industry.
Direct other Lien Solutions teams and 3rd parties in monitoring, testing and assessing IT controls.
Assure all internal self-audit functions are completed and monitored to ensure compliance with IT and GBS policies.
Participate in a WK GBS cross business unit IT security team to assist with reviews of global security policies.
Lead WKLS business continuity efforts under the guidance of the GRC business continuity manager.
Coordinate WKLS PCI responses as part of a global assessment program.
Lead effort to complete Business Impact Analysis and Security Maturity Assessment.

Qualifications
Minimum of ten years of experience in an Information Security role.
Minimum of three years of experience specifically in an information security management role, strongly preferred.
Minimum of a Bachelor’s degree from an accredited college/university or equivalent work experience; Master’s degree preferred.
CISSP and/or CISM or other security-related certification.
Minimum of five years of experience in IT Audit with client-facing skills.
Experience with coordinating, participating in and responding to client questionnaires, audits and contract negotiations.
Perform audits and manage auditor expectations.
Driving compliance requirements to manage security risks.
Experience with conducting, leading and assessing 3rd parties.
Experience with Financial services industry Audit and Compliance processes and standards as refined by OCC, FFIEC and/or FDIC.
Knowledge of business continuity and privacy (CCPA, GDPR) principles.
Experience in coordinating and leading SOC internal assessments.
Experience working collaboratively with business owners, subject matter experts, software engineering and infrastructure teams during implementation of security-related requirements.
Knowledge of governance frameworks (NIST, ISO27001, etc.).
Experience with IDS/NAC/DLP.
Experience with Vulnerability Management, Log Management Systems, patching tools, scanners, firewalls, web proxies, web applications testing, Multi-factor Authentication.
Solid understanding and practical experience in using and developing governance and risk frameworks.
Solid understanding of Infrastructure/Networking/Security/Windows Design and Administration.
10 to 15 North American travel
All Locations USA-TX-Houston-Allen Pkwy