IT Security Director (TAA)

Wolters Kluwer

This is a Full-time position in New York, NY posted February 18, 2021.

As the IT Security Director (Tax Advisory Security Services Lead), you will be primarily responsible for developing and implementing programs to protect information assets owned and in use at Wolters Kluwer. In this role, you will be required to have proficiency in formulating IT risk strategies at every aspect of security management. Your role will also include coordination with 3rd party audits, internal audits, vendor due diligence, and IT global information security initiatives and compliance tasks and/or projects. You will provide information security guidance to executive leadership by recommending information security investments which mitigate risks, strengthen defenses, and reduce vulnerabilities for development, internal and client-facing systems and products.

Essential Duties and Responsibilities

• Support VP of Global Information Security in creating and implementing a strategy for the deployment of information security technologies
• Define and support the development of additional IT control framework, enforce global controls, and monitor/report security performance application within the assigned division or business units
• Coordinate audit and regulatory inquiries, external customers and vendor activities to help represent the Wolters Kluwer business units from an information security, risk and technology risk perspective
• Performing IT security risk assessments and reporting on ways to minimize threats
• Tracking latest IT security innovations and keeping abreast of latest cyber security technologies
• Overseeing the investigation of reported security breaches and develop strategies to handle security incidents and trigger investigations
• Responsible for managing and coordinating the information security, technology risk, vendor relationship management, product selection and negotiation of contracts for the assigned division or business units
• Coordinate and lead security policy and IT risk management forums with operations and engineering leads as required to resolve outstanding/pending issues before requiring further escalation
• Work with divisional management to develop long term strategy, annual security plans, budget and tactical plans to reduce the IT risk
• Orchestrate the analysis and delivery of findings to internal customers with impactful, comparative, interpretative security analysis in a clear, consistent, and factual manner.
• Facilitate the tracking and reporting on divisional and business units’ metrics, results, data modelling, processing, calculating and transformation into meaningful metrics and reports
• Stay abreast of the most recent security management frameworks, compliance processes and continually sharpen skills and capabilities

Education/Certifications

• Bachelor’s Degree in Computer Science/MIS or equivalent
• Preferred certifications: CISSP, ISO, QSA, CRISC, CISM

Minimum Qualifications

• 10+ years of demonstrated experience in information security management, security engineering,
• 5+ years of hands-on experience/knowledge of industry standards as they relate to IT Risk Frameworks
• 5+ Experience with in shared services model, vendor and managed security services management, enterprise wide transition and transformation programs
• Experience with governance, IT general control framework, ISO 2700x, HITRUST, COBIT, ITIL, etc.

Required Qualifications/Experience

• An ability to communicate complex and technical issues to diverse audiences, orally and in writing, in an easily-understood, authoritative, and actionable manner
• Strong knowledge of the following areas of technical expertise: information policy formulation, information security management, business risk management, IT risk assessment and management, IT continuity management, IT governance formulation, organizational change management, IT financial management, and IT audit
• Deep experience implementing and leading information security policy and risk management programs with regard to regulation and guidance
• In-depth and hands-on expertise to guide the organization on current information security and IT risk management frameworks and threats, and ability to recommend means to address those threats
• Strong influencing skills and the ability to champion security and educate staff on the latest security risk, software protection, assurance methods and technologies
• Strong work ethic, excellent use of discretion and judgment, and the mature ability to establish credibility and rapport with senior executives and technical and non-technical team members

Preferred Qualifications/Experience

• Strong understanding of security requirements in the application development life cycle
• Experience in organizing change management, awareness and training for end users, as well as acting as an internal consultant to IT leaders, Architects and Operations for planning and implementing IT initiatives
• Strong technical management skills in overseeing security assessments of external service providers, providing security guidance, and overseeing mock security breach exercises
• Strong project management and business requirement development skills in a very fast paced, complex, and demanding environment
• Experience with GDPR and GDPR compliance implementations
• Knowledge of computer networks, hardware, operating systems, and software including understanding of application and patch development
• Experience and/or SME knowledge of the ISO, NIST 800-53, NIST CSF and PCI.
• Occasional Domestic or International Travel, up to 25