IT Security Manager

Wolters Kluwer Global Business Services (GBS) is designed to provide services to the business units in the areas of technology, sourcing, procurement, legal, finance, and human resources. These global centers promote team collaboration using best practices around a specific focus area to drive results and enhance operational efficiencies. There is a constant endeavor to benchmark against best-in-class industry standards to improve the quality of deliverables, increase cost savings, enhance productivity, and reduce time to market for products and applications.

We have an amazing opportunity for an IT Security Manager (Incident Management), available within our Global Business Services division!

This position has been created due to growth! The IT Security Analyst (Incident Management) will be responsible for monitoring and response to all emerging security incidents to protect and enhance the confidentiality, integrity, and availability of Wolters Kluwer assets.

This position is in person in either WoltersKluwer Pune or Chennai offices.

As the IT Security Manager (Incident Management), you will lead information gathering efforts during investigation into suspected and confirmed security incidents to protect personal and confidential information at WK. In this role, you will be required to demonstrate proficiency in incident analysis, data gathering and information synthesis in every area of IT security management. Your role will also include interfacing with and responding to internal business unit IT representatives and stakeholders at all levels during emerging security incidents, real or simulated.

Responsibilities :

• Primarily responsible for the response to and recovery from emerging information security incidents, acting as the focal point leading response efforts and ensuring effective action to contain and remediate the situation
• Respond to cybersecurity incidents and perform triage to assess the severity of the incident and determine the appropriate response.
• Conduct open-source intelligence (OSINT) investigations to identify and track down malicious actors and their tactics, techniques, and procedures (TTPs).
• Participate in red team / blue team exercises to test and improve the organization's incident response capabilities.
• Collaborate with other members of the cybersecurity team to develop and implement security controls and incident response procedures.
• Provide technical guidance and support to junior incident responders as needed.
• Maintain up-to-date knowledge of the latest security threats and trends through continuous learning and professional development.
• Perform forensically sound collections of ESI from laptops, desktops, mobile devices, hard drives, servers and cloud data sources both onsite and remotely.
• Verify, extract and analyze systems, logs and malware data in support of investigations and litigation systems
• Drive efficient, repeatable, proactive, integrated, and mature cyber defense and response
• Supports the investigation of reported security breaches and, in coordination with WK global security operations, develop procedures to respond to security incidents and assist with investigations
• Contributes to the analysis and delivery of findings to internal customers with impactful, comparative, interpretative security analysis in a clear, consistent, and factual manner.
• Responsible for establishing communications bridges and meetings in support of response efforts
• Responsible for maintaining proper group focus during investigation activities and redirecting efforts in support of timely recovery
• Responsible for aggregating information relevant to the situation and synthesizing probable root cause
• Responsible for developing and recommending best course of action based on solid security principles
• Driving the incident response process from detection through containment and eradication.
• Accountable for documenting all WK and partner activity, taken in response to emerging situations
• Accountable for the day-to-day review and assessment of security events that may become or contribute to security incidents.
• Ensures work is compliant with WK enterprise policies, procedures and the local business plan
• Responsible for ensuring appropriate post-mortem and lessons-learned sessions are conducted, following incident restoration of service
• Responsible for organizing and taking part in cross-functional incident exercise activities, ensuring that policy and procedure are followed
• Responsible for ensuring knowledge of IT security and emerging threat scenarios is current
• Responsible for reviewing threat intelligence sources is support of WK security situational awareness
• Responsible for assisting in the development of vulnerability and threat related communications for potential dissemination to warn WK employees of an emerging situation
• Responsible for ensuring information arising from incident response activities, that would result in configuration changes or other modifications to ensure WK security posture, is communicated to the proper operational contacts for execution.

Other Duties :

Job Qualifications :

Bachelor's Degree in Computer Science / MIS or equivalent experience

Experience engaging with executive level individuals during the conduct of incident response

Knowledge of basic security principles to include confidentiality, integrity, and availability access control, authentication, and authorization privacy and non-repudiation

Through good communication and documentation, presents a consistent front to customers and stakeholders

Skills Required

Encase, Network Protocols, Firewalls, Incident Response, Encryption, snowflake , forensic investigations, Splunk, Axiom, Security Technologies