Wolters Kluwer IT Security Incident Manager in Helena, Montana
Acts as the focal point for all security event review, incident escalations, and incident handling. The incumbent is responsible for ensuring security events rising to a defined threshold are escalated as security incidents and handled in accordance with Wolters Kluwer Incident Response Policy and Procedure. When applicable, the IT Security Incident Manager will involve other IT Security team members, IT Security Management and, as directed, Senior WK Leadership.
Essential Duties and responsibilities
Wolters Kluwer Global Business Services (GBS) is designed to provide services to the business units in the areas of technology, sourcing, procurement, legal, finance, and human resources. These global centers promote team collaboration using best practices around a specific focus area to drive results and enhance operational efficiencies. There is a constant endeavor to benchmark against best-in-class industry standards to improve the quality of deliverables, increase cost savings, enhance productivity and reduce time to market for products and applications.
We have an amazing opportunity for an IT Security Manager (Incident Management), available within our Global Business Services division! This position has been created due to growth! The IT Security Manager (Incident Management) will be responsible for monitoring and responding to all emerging security incidents in order to protect and enhance the confidentiality, integrity, and availability of Wolters Kluwer assets.
This position is remote.
As the IT Security Manager (Incident Management), you will lead information gathering efforts during investigation into suspected and confirmed security incidents to protect personal and confidential information at WK. In this role, you will be required to demonstrate proficiency in incident analysis, data gathering and information synthesis in every area of IT security management. Your role will also include interfacing with and responding to internal business unit IT representatives and stakeholders at all levels during emerging security incidents, real or simulated.
Primarily responsible for the response to and recovery from emerging information security incidents, acting as the focal point leading response efforts and ensuring effective action to contain and remediate the situation
Supports the investigation of reported security breaches and, in coordination with WK global security operations, develops procedures to respond to security incidents and assists with investigations
Contributes to the analysis and delivery of findings to internal customers with impactful, comparative, interpretative security analysis in a clear, consistent, and factual manner.
Responsible for establishing communications bridges and meetings in support of response efforts
Responsible for maintaining proper group focus during investigation activities and redirecting efforts in support of timely recovery
Responsible for aggregating information relevant to the situation and synthesizing probable root cause
Responsible for developing and recommending best course of action based on solid security principles
Driving the incident response process from detection through containment and eradication.
Accountable for documenting all WK and partner activity taken in response to emerging situations
Accountable for the day-to-day review and assessment of security events that may become or contribute to security incidents.
Ensures work is compliant with WK enterprise policies, procedures and the local business plan
Responsible for ensuring appropriate post-mortem and lessons-learned sessions are conducted, following incident restoration of service
Responsible for organizing and taking part in cross-functional incident exercise activities, ensuring that policy and procedure are followed
Responsible for ensuring knowledge of IT security and emerging threat scenarios is current
Responsible for ensuring knowledge of WK Global Information Security policies and standards
Responsible for reviewing threat intelligence sources in support of WK security situational awareness
Responsible for assisting in the development of vulnerability and threat related communications for potential dissemination to warn WK employees of an emerging situation
Responsible for ensuring information arising from incident response activities, that would result in configuration changes or other modifications to ensure WK security posture, is communicated to the proper operational contacts for execution.
Bachelor's Degree in Computer Science/MIS or equivalent experience
Minimum 7 years of total experience in Information Technology
Minimum 3 years of professional experience in an information security function, including analyzing and applying information security risk management, and privacy practices
Minimum 2 years in an information security incident handling role
Flexible working hours to support a global operation
Required Interpersonal Skills
Excellent oral and written communication ability
Ability to present complex technical issues and findings to diverse audiences in both technical and non-technical parlance, both orally and in writing
Diplomacy in working with customers and stakeholders
Ability to follow policy and procedure
Ability to work in a team and at times perform under stress
Demonstrate integrity in dealing with potentially sensitive data and restricted information
Exceptionally self-motivated with superior analytical, evaluative, and problem-solving abilities
Ability to set and manage priorities judiciously
Required Technical Skills
Knowledge of basic security principles to include confidentiality, integrity, and availability; access control, authentication, and authorization; privacy and non-repudiation
Understanding of security vulnerabilities and exposures, and from where they arise
Familiarity with the Internet, its network protocols, and network applications and services
Knowledge of network security issues and host/system security issues
Understanding of malicious code of various types and various threat vectors
Experience with Risk Analysis and Risk Management
Basic understanding of programming and scripting, advanced knowledge a plus
Familiarity with OS and network forensics practices, traditional and cloud
Ability to perform log analysis at scale
Ability to curate, create and deploy detection signatures
Familiarity with hacking exploits and the ability to defend against them
Required Incident Handling Skills
Through good communication and documentation, presents a consistent front to customers and stakeholders
Ability to synthesize data from technical skills listed above to understand and identify intruder techniques
Ability to utilize interpersonal skills listed above to communicate with customers and stakeholders and bring quick resolution
Demonstrated ability to analyze ongoing situations for the potential of a security incident
Ability to maintain incident records in support of WK recovery, regulatory and legal requirements
Familiar with ITIL service management methodology.
Prior experience in a 24x7x365 operations environment.
Strong technical skills in security assessments of external service providers, providing security guidance, and participating in mock security breach exercises
Experience with GDPR and GDPR compliance implementations
Experience and/or SME knowledge of the ISO 27001, NIST 800-53, NIST CSF and PCI DSS.
Preferred certifications: CISSP, ITIL, GCIH, CERT/CC CSIH, GCTI
The above statements are intended to describe the general nature and level of work being performed by most people assigned to this job.
They are not intended to be an exhaustive list of all duties and responsibilities and requirements.
EQUAL EMPLOYMENT OPPORTUNITY
Wolters Kluwer U.S. Corporation and all of its subsidiaries, divisions and customer/business units is an Equal Opportunity / Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or protected veteran status.