About the role

Governance and IT Compliance Platform Lead at Wolters Kluwer overseeing GRC platforms and ensuring compliance with security frameworks. Partnering with multiple stakeholders to enhance risk management processes.

Responsibilities

Define and execute the enterprise GRC technology and platform strategy, ensuring alignment with security frameworks (e.g., NIST CSF, NIST 800-53, DORA, etc.)
Serve as the primary owner of the GRC platform(s), overseeing configuration, integration, upgrades, managing platform changes and roadmap and optimization to meet enterprise needs.
Translate governance, risk, and compliance processes into platform workflows, dashboards, and reporting that support issue management, risk assessments, policy governance, evidence collection, risk register generation and alignment with organizational units.
Collaborate with information security, IT, compliance, operations, and legal partners in the development, integration, and operation of the platform and intertwined product strategies and roadmaps.
Drive automation of risk and compliance processes to reduce manual effort, improve audit readiness, and increase sustainability of controls.
Develop dashboards, analytics, and reporting to provide actionable insights to executives, regulators, auditors, and business leadership.
Establish platform governance standards, change control processes, and ongoing lifecycle management and own/drive cross-functional sessions and demand management mechanisms.
Manage relationships with platform vendors and system integrators, including licensing, renewals, escalations, and roadmap discussions.
Lead and mentor a small team of GRC platform administrators, analysts, or consultants as needed.

12-15+ years of demonstrated progressive experience in IT, Cybersecurity, IT Governance and Risk, and Platform / Tool / Product architecture and management
10 years hands on experience delivering and leading wide-scale GRC platform initiatives and products
8+ years of hands on experience managing GRC platforms and solutions spanning multiple data sources, systems, and systems of record culminating and a centralized GRC ecosystem
5+ years management, enterprise-wide transition, and/or transformation programs
Strong experience with various GRC and IT Security systems and platforms such as ServiceNow, and leading IT controls, compliance, scanning, vulnerability, and IT security tools and products
Deep understanding of IT risk, security, compliance, and audit frameworks (e.g., NIST CSF, NIST 800-53, ISO 27001, COBIT, SOX, HIPAA, PCI DSS)
Strong technical knowledge of GRC platforms (e.g., ServiceNow IRM, Archer, MetricStream, OneTrust, or similar)
Experience designing automated workflows, integrations, and reporting dashboards
Familiarity with regulatory requirements in multiple jurisdictions (e.g., EU, US, APAC)
Knowledge of IT processes such as change management, incident management, and CI/CD integration preferred
Excellent presentation skills, both creating slides and delivering presentations to a variety of audiences.
Ability to translate complex regulatory and risk requirements into system design.