Security and Compliance Analyst- Remote - Sherbrooke, Canada - Wolters Kluwer

Wolters Kluwer

Verified Company

Sherbrooke, Canada

3 weeks ago

Posted by:

Sophia Lee

beBee Recruiter

Description

Interaction with external customers and third-party auditors to perform risk assessments and audit compliance will be required.

Essential Duties and responsibilities

Provide coordination and support of activities related to external and internal compliance audits and security governance across Tax and Accounting (TAA) division.

This will include a review of business-based needs, interaction with auditors, cost considerations, and coordination of onsite or remote audits.

Audits frameworks could include SOC2, ISO27001, NIST 800-53, and privacy related frameworks such as GDPR

Review IT Vulnerability assessments for hardware and software systems, recommend and track remediation of vulnerability data across multiple systems.

Coordinate with Global GBS teams to manage workload and special project intakes. Ensure that all critical vendors are assessed annually and adhere to contractual requirements.

Coordinate and participate in security activities and effectively communicates across cross functional teams including Global Business (GBS), Global Security (GIS), Risk Management, Legal, TAA Enterprise Architecture, and TAA divisional security.

Participate in Global Information Security maturity assessments based on NIST 800-53

Other Duties

Assist with the coordination of Risk, Compliance and Privacy related activities and requests across Wolters Kluwer TAA businesses. Participate in global GDPR / Data privacy controls reviews as needed

Create and manage ServiceNow incident tickets for tasks to be assigned to WK Operations teams as needed

Perform custom security or compliance training as part of the annual security awareness program for TAA employees and contractors in coordination with Global teams.

Create and provide additional training as needed to meet custom requirements of TAA businesses.

Job Qualifications

Education:

Bachelor's Degree in Business, Computer Information Systems, or a related Computer Science field is required

Experience:

3+ Years of Experience working in an Information Security role or relevant information security domain knowledge
3+ years of experience working with Compliance auditors and security frameworks
Experience with SOC2 / ISO27001 audit frameworks is required
Understanding of Development methodology (SDLC) and Agile (SAFE) is preferred
Cloud security controls and experience within MS Azure or AWS systems is preferred
CISSP, SSCP or GIAC security certification is preferred

Other Knowledge, Skills, Abilities or Certifications:

Knowledge of audit methodology frameworks, SharePoint Administration, and audit tracking tools
Strong organizational skills, including ability to manage timelines, both as an individual and as part of a team.
Excellent oral and written communication and interpersonal skills
Strong Technology background (Software development, Information Technology, Vendor Risk Assessment)
Proven track record of working with crossfunctional business leaders to achieve difficult objectives
Ability to perform in complex crossfunctional business environment
Strong problem solving and troubleshooting skills
Team building and leadership skills
Proficient in Microsoft Word, Excel, and SharePoint Administration
Strong knowledge of ServiceNow platform

Travel Requirements

Some travel may be required