Cyber Security Architect - Vulnerability Management, GBS

This job is no longer active. View similar jobs.

POST DATE 9/8/2016
END DATE 10/8/2016

Wolters Kluwer New York, NY

New York, NY
AJE Ref #
Job Classification
Full Time
Job Type
Company Ref #
Mid-Career (2 - 15 years)
Bachelors Degree
Min Salary
Max Salary
Salary Unit
per year


In this role, you will be responsible for all technical and operational support of global vulnerability assessment and penetration testing programs, including automation, scanning, scheduling, reporting, and remediation support cycles. Wolters Kluwer Global Business Services is designed to provide services to the business units in the areas of technology, sourcing, procurement, legal, finance, and human resources. These global centers promote team collaboration using best practices around a specific focus area to drive results and enhance operational efficiencies. There is a constant endeavor to benchmark against best-in-class industry standards to improve the quality of deliverables, increase cost savings, enhance productivity and reduce time to market for products and applications.We have an amazing opportunity for a Cyber Security Architect-Vulnerability Management, available within our Global Business Services division! This position has been created due to growth! As our Cyber Security Architect, you will be primarily responsible for the administration and operational support of the WK Global Vulnerability Assessment and Penetration Testing Programs.The position will be responsible for all technical aspects and automation of vulnerability management processes.This includes threat intelligence: Gathering Processing Correlation Analysis Remediation guidance.Our Architect will seek improvement in intelligence methodologies used for creating new solutions and analytical models - based on subject matter expertise in identified threat areas for the company. The Cyber Security Architect will also be responsible for working closely with project teams and internal / external groups to protect sensitive information. Wolters Kluwer is a large, fast paced and complex environment that requires the ability to work with multiple business units and suppliers concurrently.Required BackgroundThe Information Cyber Security Architect will have a strong technical information security and compliance background including demonstrated proficiency in many aspects of Information Technology. The ideal candidate will be familiar with, and able to support efforts to drive vulnerability remediation for audit and compliance initiatives relating to HIPAA, ISO 270xx and & FISMA / NIST. The Cyber Security Architect will be able to analyze and solve complex security, technical, and operational problems and support process improvements identified during problem analysis. The Cyber Security Architect requires a demonstrated ability to work well in collaborative, dynamic and cross-functional teams. Solid interpersonal skills with ability to work effectively with people of all levels of information technology expertise with a wide range of constituencies, experience, and organizational relationships are a must.Essential Duties and Responsibilities: Responsible for all technical and operational support of global vulnerability assessment and penetration testing programs, including automation, scanning, scheduling, reporting, and remediation support cycles Perform ad-hoc vulnerability and application assessments, validation testing, provide business support & conduct system maintenance. Perform and direct ad-hoc penetration tests and application assessments. Provide technical and business support for third-party enterprise penetration testing programs including scheduling, report generation, coordination activities and executive-level enterprise reporting. Automate vulnerability management processes and threat intelligence gathering, processing, correlation, and analysis. Engage internal and external stakeholders to identify strategic intelligence gaps in vulnerability management and threat management, and develop innovative solutions to close identified gaps. Review and perform analysis of threats that create a risk to the company, its employees, assets and clients and present findings to leadership. Provide guidance to organizations regarding current information security threats and recommendations to address those threats. Understanding of network architecture and concepts, application architecture, and interoperability of these architectures with one another. Demonstrated ability to conduct risk assessments, audits and reviews. Possess knowledge of application security controls and awareness of top security considerations for application development in the Software Development Lifecycle Understanding of computer and network forensics, system and network security, incident management, intrusion detection, vulnerability and patch management, log analysis, and related technologies. Possess strong knowledge of database security controls, including access control, auditing, and configuration best practices Excellent communication skills; inter-personal; organizational and analytical skills, written and verbal communications, experience with management presentations at various levels of corporate structure. Excellent analytical and data gathering skills Participate and support emergency security response activities as required including the development of processes to capture or record security incidents and remediation steps to prevent such incidents in the future.Qualifications:Minimum Qualifications/Education:Strongly Preferred: Bachelor s Degree in Computer Science/MIS or equivalent.Required: Minimum of 5 years-of demonstrated experience in information security, security architecture, and/or Vulnerability Management.Preferred Qualifications/Experience: At minimal 2-year hands-on experience with Qualys, Rapid7 NeXpose, Metasploit and other vulnerability assessment tools. Multiple years of hands on experience and solid understanding of the OSI model, troubleshooting and strong knowledge of Networking/Security protocols, PKI, Load balancing and network topology design. 2 to 3-year direct experience with vendor and managed security services management, enterprise wide transition and transformation programs. 3 to 5-year direct experience with providing in-depth information security technical advisory and recommendations to external and/or internal clients relating to the technology services, security standards and policies and industry best practices. Experience in developing and implementing Information programs, and IT security policies, standards, processes, and procedures 3-year hands-on experience in reviewing technology projects in a security, risk and security controls advisory role providing recommendation to address such risks and/or enhance the technical controls. Advanced expertise in Microsoft Office products - Word, Excel, PowerPoint, & SharePoint demonstrated creativity in use of these products to solve analytical problems and large data manipulation on ExcelOther Preferred (one or more) Certifications: Certified Ethical Hacker v7 (CEH) CISSP GIAC CISA CRISC CISM or similar industry certifications highly preferred.TRAVEL REQUIREMENTS TRAVEL REQUIREMENTSOccasional Domestic Travel, 20%PHYSICAL DEMANDS Normal office requirements.ABOUT WOLTERS KLUWER & ITS SUBSIDIARIESFounded in 1836, Wolters Kluwer is a market-leading, Global Information Services company focused on professionals in the legal, business, tax, accounting, finance, audit, risk, compliance, and healthcare markets. It enables legal, tax, finance and healthcare professionals to be more efficient and effective by providing information, software and services that deliver vital insights, intelligent tools, and the guidance of subject matter experts.Headquartered in Alphen aan den Rijn, the Netherlands, Wolters Kluwer is organized around four customer facing global divisions: Legal and Regulatory, Tax and Accounting, Financial and Compliance Services, and Health. The company employs nearly 19,000 professionals around the world and supports customers in 150 countries. Wolters Kluwer has operations in 40 plus