Montana Veteran Jobs

facebook youtube linkedin
Mobile Montana Labor & Industry Mobile Logo

Job Information

Wolters Kluwer IT Security Incident Manager in Helena, Montana

Acts as the focal point for all security event review, incident escalations, incident handling. Incumbent is responsible for ensuring security events rising to a defined threshold are escalated as security incidents and handled in accordance with Wolters Kluwer Incident Response Policy and Procedure. When applicable, the IT Security Incident Manager will involve other IT Security team members, IT Security Management and as directed, Senior WK Leadership.

Essential Duties and responsibilities

Wolters Kluwer Global Business Services (GBS) is designed to provide services to the business units in the areas of technology, sourcing, procurement, legal, finance, and human resources. These global centers promote team collaboration using best practices around a specific focus area to drive results and enhance operational efficiencies. There is a constant endeavor to benchmark against best-in-class industry standards to improve the quality of deliverables, increase cost savings, enhance productivity and reduce time to market for products and applications.

We have an amazing opportunity for an IT Security Manager (Incident Management), available within our Global Business Services division! This position has been created due to growth! The IT Security Manager (Incident Management) will be responsible for monitoring and response to all emerging security incidents in order to protect and enhance the confidentiality, integrity, and availability of Wolters Kluwer assets.

This position is remote.

As the IT Security Manager (Incident Management), you will lead information gathering efforts during investigation into suspected and confirmed security incidents to protect personal and confidential information at WK. In this role, you will be required to demonstrate proficiency in incident analysis, data gathering and information synthesis in every area of IT security management. Your role will also include interfacing with and responding to internal business unit IT representatives and stakeholders at all levels during emerging security incidents, real or simulated.


  • Primarily responsible for the response to and recovery from emerging information security incidents, acting as the focal point leading response efforts and ensuring effective action to contain and remediate the situation

  • Supports the investigation of reported security breaches and, in coordination with WK global security operations, develop procedures to respond to security incidents and assist with investigations

  • Contributes to the analysis and delivery of findings to internal customers with impactful, comparative, interpretative security analysis in a clear, consistent, and factual manner.

  • Responsible for establishing communications bridges and meetings in support of response efforts

  • Responsible for maintaining proper group focus during investigation activities and redirecting efforts in support of timely recovery

  • Responsible for aggregating information relevant to the situation and synthesizing probable root cause

  • Responsible for developing and recommending best course of action based on solid security principles

  • Driving the incident response process from detection through containment and eradication.

  • Accountable for documenting all WK and partner activity, taken in response to emerging situations

  • Accountable for the day-to-day review and assessment of security events that may become or contribute to security incidents.

  • Ensures work is compliant with WK enterprise policies, procedures and the local business plan

  • Responsible for ensuring appropriate post-mortem and lessons-learned sessions are conducted, following incident restoration of service

  • Responsible for organizing and taking part in cross-functional incident exercise activities, ensuring that policy and procedure are followed

  • Responsible for ensuring knowledge of IT security and emerging threat scenarios is current

  • Responsible for ensuring knowledge of WK Global Information Security policies and standards

  • Responsible for reviewing threat intelligence sources is support of WK security situational awareness

  • Responsible for assisting in the development of vulnerability and threat related communications for potential dissemination to warn WK employees of an emerging situation

  • Responsible for ensuring information arising from incident response activities, that would result in configuration changes or other modifications to ensure WK security posture, is communicated to the proper operational contacts for execution.

Job Qualifications

Bachelor's Degree in Computer Science/MIS or equivalent experience

  • Minimum 7 years of total experience in Information Technology

  • Minimum 3 years of professional experience in an information security function, including analyzing and applying information security risk management, and privacy practices

  • Minimum 2 years in an information security incident handling role

  • Flexible working hours to support a global operation

  • Required Interpersonal Skills

  • Excellent oral and written communication ability

  • Ability to present complex technical issues and findings to diverse audiences in both technical and non-technical parlance, both orally and in writing

  • Diplomacy in working with customers and stakeholders

  • Ability to follow policy and procedure

  • Ability to work in a team and at times perform under stress

  • Demonstrate integrity in dealing with potentially sensitive data and restricted information

  • Exceptionally self-motivated with a superior analytical, evaluative, and problem-solving abilities

  • Ability to set and manage priorities judiciously

Required Technical Skills

  • Knowledge of basic security principles to include confidentiality, integrity, and availability; access control, authentication, and authorization; privacy and non-repudiation

  • Understanding of security vulnerabilities and exposures, and from where they arise

  • Familiarity with the Internet, its network protocols, and network applications and services

  • Knowledge of network security issues and host/system security issues

  • Understanding of malicious code of various types and various threat vectors

  • Experience with Risk Analysis and Risk Management

  • Basic understanding of programming and scripting, advanced knowledge a plus

  • Familiarity with OS and network forensics practices, traditional and cloud

  • Ability to perform log analysis at scale

  • Ability to curate, create and deploy detection signatures

  • Familiarity with hacking exploits and the ability to defend against them

Required Incident Handling Skills

  • Through good communication and documentation, presents a consistent front to customers and stakeholders

  • Ability to synthesize data from technical skills listed above to understand and identify intruder techniques

  • Ability to utilize interpersonal skills listed above to communicate with customers and stakeholders and bring quick resolution

  • Demonstrated ability to analyze ongoing situations for the potential of a security incident

  • Ability to maintain incident records in support of WK recovery, regulatory and legal requirements

  • Familiar with ITIL service management methodology.

  • Prior experience in a 24x7x365 operations environment.

  • Strong technical skills in security assessments of external service providers, providing security guidance, and participating in mock security breach exercises

  • Experience with GDPR and GDPR compliance implementations

  • Experience and/or SME knowledge of the ISO 27001, NIST 800-53, NIST CSF and PCI DSS.

  • Preferred certifications: CISSP, ITIL, GCIH, CERT/CC CSIH, GCTI

The above statements are intended to describe the general nature and level of work being performed by most people assigned to this job.

They re not intended to be an exhaustive list of all duties and responsibilities and requirements.


Wolters Kluwer U. S. Corporation and all of its subsidiaries, divisions and customer/business units is an Equal Opportunity / Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or protected veteran status.