Cyber Security Detection Engineer focusing on threat detection capabilities and security telemetry within complex environments. Collaborating across Security Operations, Cloud Engineering, and Compliance disciplines.
WK
Hybrid IT Security Associate Director – Governance, IT Compliance Platforms
Posted 4 months ago
About the role
- Governance and IT Compliance Platform Lead at Wolters Kluwer overseeing GRC platforms and ensuring compliance with security frameworks. Partnering with multiple stakeholders to enhance risk management processes.
Responsibilities
- Define and execute the enterprise GRC technology and platform strategy, ensuring alignment with security frameworks (e.g., NIST CSF, NIST 800-53, DORA, etc.)
- Serve as the primary owner of the GRC platform(s), overseeing configuration, integration, upgrades, managing platform changes and roadmap and optimization to meet enterprise needs.
- Translate governance, risk, and compliance processes into platform workflows, dashboards, and reporting that support issue management, risk assessments, policy governance, evidence collection, risk register generation and alignment with organizational units.
- Collaborate with information security, IT, compliance, operations, and legal partners in the development, integration, and operation of the platform and intertwined product strategies and roadmaps.
- Drive automation of risk and compliance processes to reduce manual effort, improve audit readiness, and increase sustainability of controls.
- Develop dashboards, analytics, and reporting to provide actionable insights to executives, regulators, auditors, and business leadership.
- Establish platform governance standards, change control processes, and ongoing lifecycle management and own/drive cross-functional sessions and demand management mechanisms.
- Manage relationships with platform vendors and system integrators, including licensing, renewals, escalations, and roadmap discussions.
- Lead and mentor a small team of GRC platform administrators, analysts, or consultants as needed.
Requirements
- 12-15+ years of demonstrated progressive experience in IT, Cybersecurity, IT Governance and Risk, and Platform / Tool / Product architecture and management
- 10 years hands on experience delivering and leading wide-scale GRC platform initiatives and products
- 8+ years of hands on experience managing GRC platforms and solutions spanning multiple data sources, systems, and systems of record culminating and a centralized GRC ecosystem
- 5+ years management, enterprise-wide transition, and/or transformation programs
- Strong experience with various GRC and IT Security systems and platforms such as ServiceNow, and leading IT controls, compliance, scanning, vulnerability, and IT security tools and products
- Deep understanding of IT risk, security, compliance, and audit frameworks (e.g., NIST CSF, NIST 800-53, ISO 27001, COBIT, SOX, HIPAA, PCI DSS)
- Strong technical knowledge of GRC platforms (e.g., ServiceNow IRM, Archer, MetricStream, OneTrust, or similar)
- Experience designing automated workflows, integrations, and reporting dashboards
- Familiarity with regulatory requirements in multiple jurisdictions (e.g., EU, US, APAC)
- Knowledge of IT processes such as change management, incident management, and CI/CD integration preferred
- Excellent presentation skills, both creating slides and delivering presentations to a variety of audiences.
- Ability to translate complex regulatory and risk requirements into system design.
Benefits
- Medical, Dental, & Vision Plans
- 401(k)
- FSA/HSA
- Commuter Benefits
- Tuition Assistance Plan
- Vacation and Sick Time
- Paid Parental Leave
Job title
Job type
Experience level
Salary
Degree requirement
Tech skills
Location requirements
Security Specialist managing mainframe security operations at PNC. Collaborating with teams on compliance and security risks while mentoring junior analysts.
Security Assurance Specialist coordinating security assessments within cybersecurity risk management at Vanguard. Ensuring effective risk and vulnerability management across applications and infrastructures.
Summer Intern supporting CIO PMO and Security teams at Sprinklr. Gaining hands - on experience in technology and security areas while assisting key initiatives.
Sicherheitsingenieur managing safety and integrated management systems for CRONIMET. Supporting the development of safety practices and conducting audits on various health and safety topics.
Senior Cloud Security Engineer securing public cloud platforms and services in the financial industry. Collaborating with teams to enhance security posture and ensure compliance in cloud environments.
Cybersecurity Metrics and Reporting Lead overseeing development of security metrics and dashboards. Collaborating with teams to improve cybersecurity program effectiveness and compliance tracking.
Senior Developer in Defensive Security for Clio, a leader in legal AI technology. Join a team to proactively tackle application security vulnerabilities and enhance security practices.
Intern role in emerging network systems at KBR Mission Technical Solutions. Focused on network interconnection problems and quality of service metrics in a collaborative environment.
Director of Product Security leading cybersecurity initiatives for medical devices at LivaNova. Ensuring patient safety and compliance with regulatory demands across product lifecycle.