The Global Information Security team works diligently every day to keep Wolters Kluwer's systems, data, and digital infrastructure secure, while protecting its people, assets, brand, and reputation from malicious cyber actors.
Through training, sharing of best practices and the rollout of expanded enterprise security tools, the GIS team empowers employees to do their part to keep our systems secure.
ROLEWithin the Compliance & Assurance function, the
Senior IT Security Analyst establishes information security compliance and assurance programs that meet business requirements and undertakes risk management, control management, audit management, and control framework improvement related activities.
ESSENTIAL DUTIES AND RESPONSIBILITIESCompliance & Assurance programs:- Collaborate with Wolters Kluwer businesses to understand their information security compliance and assurance needs.
- Establish and manage compliance and assurance programs accordingly.
- Bring information security compliance expertise; educate on compliance matters.
- Support the design, implementation, and performance of IT controls to help ensure compliance.
IT Audit:- Help define pluriannual audit plans.
- Coordinate interactions between internal teams and auditors.
- Prior to audits, prepare audited teams.
- During audits, facilitate walkthroughs, gathering and checking of evidence requested by auditors; perform audit activities, if applicable.
- After audits, ensure that resulting observations are addressed, with corrective and preventive actions defined, assigned, understood, and implemented within agreed timeframes.
- Maintain audit management methodology and associated tools.
IT Risk management:- Risk identification, evaluation, and treatment.
- Regular review of risks.
- Implementation of risk treatment actions.
- Maintenance of risk management methodology and associated tools.
IT control:- Review controls regularly to ensure their continuing adequacy and effectiveness.
- Perform controls that fall under Compliance & Assurance.
- Monitor controls to help ensure timely completion with the expected quality.
- Manage control deviations.
- Maintain control management methodology and associated tools.
Action plans:- Support the definition of action plans that adequately address audit observations, compliance deviations, risk treatment actions, and control improvement overall.
- Monitor and document the progress of action plans.
- Timely alert of any issues with the action plans.
EXPERIENCE/JOB QUALIFICATIONS- University degree in general engineering or related to information security, IT, or software development (BAC+5 in France).
- Security certifications are valued.
- 8 to 15 years in IT environment.
- IT risk, control, audit.
- Compliance frameworks, such as SOC 2, SOC 1, ISO 27001, HIPAA, FedRamp, NIST.
- Cloud environments: Microsoft Azure, AWS (Amazon Web Services).
- Enablon software - or equivalent - nice to have.
- Software development in an Agile environment.
- Security tools: antivirus, firewalls, WAF, SIEM...
- Microsoft 365 - Outlook, Word, Excel, PowerPoint, Teams.
- Ability to write documents that are read, adopted, and used by the intended audience.
- Fluent in French and English. Dutch is a nice to have.
Location: France, Bois-Colombes office (Hauts de Seine)
2 days remote work per week
Join us at Wolters Kluwer and be part of a dynamic global technology company that makes a difference every day through our deep domain expertise.
We're innovators with impact. We provide expert software and information solutions that the world's leading professionals rely on, in the moments that matter most.
With a global leader, you'll be part of a growing business, with operations in more than 50 countries, customers in more than 180 countries, 21,000 colleagues worldwide, and €5.5 billion in revenue.
Be the differenceIf making a difference matters to you, then you matter to us.