Wolters Kluwer United States Inc.

Compensation

Full Description

. We have an amazing opportunity for an Associate Director of Compliance and Assurance, available within our Global Business Services division! Wolters Kluwer Global Business Services .(GBS) is designed to provide services to the business units in the areas of technology, sourcing, procurement, legal, finance, and human resources. These global centers promote team collaboration using the best practices around a specific focus area to drive results and enhance operational efficiencies. There is a constant endeavor to benchmark against best-in-class industry standards to improve the quality of deliverables, increase cost savings, enhance productivity, and reduce time to market for products and applications. The Associate Director will be working with a team to manage our Compliance and Assurance program that helps our Divisions and Business Units in their efforts towards achieving self- or third-party attestation or authorization, such as FedRAMP, GovRAMP, NIST 800-53, NIST 800-171, and others to name a few, as the business needs dictate. The Associate Director will drive the efforts with both internal project teams as well as internal / external groups to ensure successful Authority to Operate (ATO) or self-attestation outcomes for any Wolters Kluwer asset(s) pursuing these attestations or authorizations. In addition to the pursuit of these attestations / authorizations, the Associate Director will oversee the responsibilities of four professionals dedicated to supporting RAMP / NIST authorizations and assessments for Wolters Kluwer’s businesses. The Associate Director will work proactively with internal Subject Matter Experts (SMEs) to process the design, build, and document FedRAMP / GovRAMP / NIST controls, processes, and procedures that would not only resolve the findings / observations identified from the current authorizations / assessments but would prevent future reoccurrence. The Associate Director will be accountable to ensure that all documentation meets FedRAMP / GovRAMP / NIST standards. The Associate Director must have extensive experience in regulations and standards from the Financial Services, Health, and Legal industries to assist WK internal teams in interpreting the requirements from these sectors, as well as provide control guidance on how to meet the obligations of the requirements from these Regulations and Standards. The Associate Director must have and will be required to maintain a deep understanding of U.S. federal government and state government direction and policies especially as it relates to cybersecurity. The Associate Director is expected to have and maintain extensive knowledge of FedRAMP, GovRAMP, DoD Cloud SRG, NIST 800-53 and related publications, FISMA, FIPS standards, and technical / operational requirements. Essential Duties and Specific Responsibilities: Project Execution Responsibilities: • Responsible for ensuring that technical requirements are well understood, and controls are designed to operate effectively to maintain ongoing compliance. • Serve as the technical compliance subject matter expert (SME) in providing guidance to the IT and Business team on compliance solutions. • Escalates issues to the appropriate level of management as necessary and ensures appropriate remediation is implemented and prevents the reoccurrence of the issue. Responsible for developing and maintaining assessment templates for executing reviews and baseline of the company security compliance status. • Collaborate with peers across IT and business teams to align compliance strategies with organizational goals. • Evaluating compliance risks in business operations and providing recommendations based on risk and impact to the overall business. • Ensure the appropriate metrics are measured to the effectiveness of the security compliance program. Compliance Oversight and Responsibilities: • Research solutions for complex business and technical processes and provide options management for decision. • Educating control owners and business partners on RAMP / NIST requirements. • Ensuring that controls are properly defined, assigned to owners, and are integrated into the compliance and assurance work program. • Collaborate with technical operations and engineering teams to ensure that appropriate controls are implemented to meet the objectives of the specified requirements. • Conduct gap analyses to identify areas that require attention, including security measures implemented to address cyber threats. • Engage closely with control owners associated with the Products to prepare for potential audits and legal or regulatory requirements related to compliance. Third-Party Assurance Management Responsibilities: • Coordinates with internal and external auditors to ensure that all assessments are executed smoothly. • Reviews audit findings and work with relevant departments to address identified gaps and vulnerabilities. • Develop an assessment schedule that aligns with business needs and regulatory requirements. • Provides the Director of Compliance and Assurance with insight into authorizations, attestations, and audit outcomes and implications. • Ensure that assessment reports are thoroughly documented and securely stored for future reference. Accurate and Timely Reporting Responsibilities: Consolidating data from projects and various activities performed by the Compliance and Assurance function across the organization into a holistic view for management reporting. • Developing and presenting weekly and monthly reports to the Director of Compliance and Assurance, outlining achievements, challenges, and plans. • Analyzing trends in observations from external audits, authorizations, internal assessments, and other sources of issues to inform and influence mitigation and remediation strategies. • Customizing reports for different assessments from the teams and report to the Director of Compliance and Assurance. • Ensuring the timely communication of critical gaps identified from audits, assessments, attestations, etc. to management. Leadership Responsibilities: • Creating audit / authorization / assessment plans as required for different regulatory or standard’s needs. • Assist in recruiting, training, and mentoring team members to ensure they are aligned with the Compliance and Assurance function’s goals. • Assign tasks based on the strengths and expertise of individual team members. • Evaluating projects and team performance through KPIs and other metrics. • Promoting security relationships between internal resources and external entities, including government, vendors, and partner organizations, within the boundaries of applicable WK policy and regulatory requirements. JOB QUALIFICATIONS Required Qualifications/Experience: • Bachelor’s or master’s degree in information system management, Computer Science, Cybersecurity, Risk Management or equivalent. A master’s degree in business administration is a plus. • Proven project / program management experience. Prior project management certification a plus. • Proven workflow / process management experience. • 14+ years in-depth knowledge and experience of compliance and audit with FedRAMP, GovRAMP, NIST security frameworks, U.S. federal laws / regulations, U.S. state laws and regulations. Travel requirements: Domestic travel less than 25% of work time Ability to travel independently Ability to travel by air Benefits: A comprehensive benefits package that begins your first day of employment. Additional Information: Wolters Kluwer offers great benefits and programs to help meet your needs and balance your work and personal life, including Medical, Dental, & Vision Plans, 401(k), FSA/HSA, Commuter Benefits, Tuition Assistance Plan, Vacation and Sick Time, and Paid Parental Leave. Full details of our benefits are available - https://www.mywolterskluwerbenefits.com/index.html Applicants may be required to appear onsite at a Wolters Kluwer office as part of the recruitment process. If making a difference matters to you, then you matter to us. Join us, at Wolters Kluwer, and be part of a dynamic global technology company that makes a difference every day. We’re innovators with impact. We provide expert software and information solutions that the world’s leading professionals rely on, in the moments that matter most. You’ll make a real difference in the lives of millions of people. Together with our customers, we help to advance sustainability, health, justice, prosperity, and commerce around the world. You can thrive at Wolters Kluwer, where diversity is core to our collective strength and high performance. Be your unique self, share your creative ideas, do your best work, and take time to grow in our caring and inclusive culture where you can belong. Wolters Kluwer reported 2023 annual revenues of €5.6 billion. The group serves customers in over 180 countries, maintains operations in over 40 countries, and employs approximately 21,400 people worldwide. Our customers work in industries which impact the lives of millions of people every single day. Our mission is to empower our professional customers with the information, software solutions, and services they need to make critical decisions, achieve successful outcomes, and save time. Our expert solutions combine deep domain knowledge with technology to deliver both content and workflow automation to drive improved outcomes and productivity for our customers. We are committed to helping professionals improve the way they do business and solve complex problems with our range of digital solutions and services, which we continuously evolve to meet their changing needs. Our 188-year legacy and portfolio represent thousands of customers worldwide. For more information about our solutions and organization, visit www.wolterskluwer.com, follow us on Twitter, Facebook, and LinkedIn. Wolters Kluwer has a dedicated team of experienced talent acquisition professionals who are ready to hear what makes you tick and share how Wolters Kluwer can help you achieve your goals and ambitions. Here Rasi Fawaz shares some tips on what recruiters are looking for on a resume. As a global organization, we recognize that solving a wide range of complex problems requires diverse perspectives and innovative thinking. We know that bringing our best to our customers, communities, and other key stakeholders requires a highly engaged and talented workforce – one that represents the diversity of those we serve and the communities where we live and work. We aim to provide a welcoming environment and equitable opportunities for all employees regardless of background, nationality, race, ethnicity, gender, gender identity, age, sexual orientation, marital status, disability, or religion. This principle is ingrained in our company values and articulated in our Code of Business Ethics. At Wolters Kluwer, you’ll feel valued for your contributions, and you’ll know that your health, safety, and well-being are important to us. Our well-being benefits provide tools, programs, and resources to help our diverse employees feel healthy, happy, safe, and prosperous. In 2024 we were awarded Ragan’s Top Places to Work for Employee Wellbeing: Large Organization, in recognition of our commitment to maintaining and enhancing the well-being of our colleagues through our ‘Together we thrive’ well-being program. To ensure we continue to drive innovation that enables us to develop products and services to best serve our customers, we cultivate a workplace culture rooted in mutual respect, bringing forward insights from a wide range of backgrounds, perspectives, and experiences. We are also committed to complying with laws requiring equal opportunity in hiring, promotion, and other employment decisions. All qualified applicants will receive consideration without regard to race, color, religion, sex (including pregnancy, gender identity, transgender status, and sexual orientation), national origin, disability, age, genetic information, veteran status, or any other characteristic protected by applicable law, and we do not tolerate discrimination on any of these bases. GDPR Careers Privacy and Cookies Wolters Kluwer (“we” or “us”) wants to inform you about the ways we process your personal information. In this Privacy & Cookie Notice we explain what personal information we collect, use and disclose. You'll find details related to GDPR and other data privacy policies on our Careers Privacy and Cookies page.