Wolters Kluwer

Lead Architect - Cybersecurity

Wolters Kluwer

full-time

Posted on:

Location Type: Hybrid

Location: Lucca • 🇮🇹 Italy

Visit company website
AI Apply
Apply

Job Level

Senior

Tech Stack

AWSAzureCloudCyber SecurityGoogle Cloud Platform

About the role

  • Lead ideation and implementation of the organisation's security and compliance posture
  • Oversee staff, tools, and processes to ensure a robust cybersecurity framework
  • Execute strategic initiatives to enhance SSDLC and CCH Tagetik SaaS security resilience
  • Serve as bridge between local CCH Tagetik security initiatives and Wolters Kluwer corporate security
  • Maintain ISO27001 / ISO22301 certifications and SOC1/SOC2 framework compliance and manage certification processes
  • Coordinate disaster recovery planning and testing with stakeholders
  • Manage security exceptions, risk acceptance, compensating controls, and expiration tracking
  • Support client security and compliance requests, questionnaires, meetings, and technical documentation
  • Oversee SIEM tools for real-time monitoring and proactive threat detection
  • Lead Vulnerability Management: classification, prioritization, remediation planning, and verification
  • Conduct risk assessments and develop risk treatment plans
  • Orchestrate incident response strategies and manage security incidents
  • Manage penetration testing lifecycle: vendor selection, scope, coordination, findings review, remediation tracking
  • Support Cyber Security Operations on complex cloud infrastructures (AWS, Azure)
  • Act as primary contact during third-party security audits and provide evidence for compliance
  • Coordinate implementation of security action items into development and product backlogs
  • Lead and mentor a security team and foster professional development
  • Collaborate with Product Management to address security requirements and architectural implications
  • Develop and maintain security policies, procedures, and standards
  • Report security metrics and KPIs to executive leadership

Requirements

  • At least 8 years of experience in security management
  • Bachelor's degree in Computer Science, Cybersecurity, or related field (work experience may substitute)
  • Strong knowledge of ISO 27001:2022, SSAE 18, ISO 22301, NIST Cybersecurity Framework
  • Experience in security and vulnerability assessment, gap analysis, risk assessment and management
  • Solid understanding of cloud security principles and practices across AWS, Azure, GCP
  • Experience leading security teams and managing security operations
  • Strong knowledge of SIEM tools and security monitoring practices
  • Experience with penetration testing and vulnerability management processes
  • Familiarity with DevSecOps practices and secure software development lifecycle (SSDLC)
  • Experience in incident response and management
  • Excellent communication and presentation skills
  • Fluency in Italian and proficiency in English
  • Nice to have: ISC2 or other security certifications
  • Nice to have: Experience with Agile methodologies (Scrum, Kanban)
  • Nice to have: Experience with Infrastructure as Code and automation tools
  • Nice to have: Knowledge of compliance requirements for financial services industry
  • Nice to have: Experience with cloud-native security tools and practices
Benefits
  • Flexible working hours and flexible working policy (3 days a week from home, 2 days a week in the office)
  • Hybrid work arrangement (Hybrid - 8 days/month on-site)
  • English classes
  • Full access to e-learning platforms (Pluralsight, LinkedIn Learning, Udemy)
  • Possibility of certification paths (cloud provider and security certifications)
  • Development plans and career steering
  • Annual performance and salary reviews
  • Community and teambuilding events (global code games, networking events, Wolters Kluwer value days)
  • Global well-being programme with tools, programs, and resources for health, safety and well-being

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard skills
security managementvulnerability assessmentrisk assessmentpenetration testingcloud securityDevSecOpsincident responsesecurity monitoringISO 27001ISO 22301
Soft skills
leadershipcommunicationpresentationmentoringcollaboration
Certifications
ISC2ISO 27001:2022SSAE 18