IT Security Compliance and Assurance Analyst

Basic Function

Wolters Kluwer Global Business Services (GBS) is designed to provide services to the business units in the areas of technology, sourcing, procurement, legal, finance, and human resources. These global centers promote team collaboration using best practices around a specific focus area to drive results and enhance operational efficiencies. There is a constant endeavor to benchmark against best-in-class industry standards to improve the quality of deliverables, increase cost savings, enhance productivity, and reduce time to market for products and applications.

We are looking for a detail-oriented, Compliance-driven IT Security Analyst to join our growing Cyber Technology Controls (CTC) team.

This role focuses on technology control assessments, audit coordination, regulatory compliance, and IT issue management. You will work closely with internal technology teams, external auditors, and business stakeholders to ensure compliance with the required regulations, standards and frameworks by contributing to and support IT audits and compliance initiatives.

Essential Duties and Responsibilities

•    Support compliance assessments by reviewing processes, policies, audit reports, security controls and associated evidence.
•    Support internal and external audits, ensuring readiness for certification and regulatory validations.
•    Monitor and assess security controls, finding/gaps and recommend improvements and remediation activities.
•    Help enforce compliance across industry frameworks such as AICPA SOC 2, ISO 27001/27701, PCI-DSS, NIST 800-53, HIPAA/HITRUST.
•    Prepare audit reports, track findings, and support corrective action/remediation plans.
•    Work with manager/lead on a feedback mechanism to improve audit outcomes, processes, and scalability.
•    Suggest improvements to other security areas based on findings including policy and standard related enhancements.
•    Maintain up-to-date knowledge of compliance trends, versions, requirements, and best practices.
•    Effective communication and reporting of Compliance for and from External Audits/Certifications
 

Job Qualifications

Education:  
Required: Bachelor’s degree in science, Computer Applications, Business Information Systems, Information Technology, or equivalent in related fields. Knowledge across any of the frameworks and regulations such as PCI-DSS, SSAE 18/SOC, ISO/IEC, HIPAA/HITRUST, NIST 800-53, NIST CSF, etc.
Preferred:

Certifications proving expertise in Information Security or certifications related to the above-mentioned frameworks or further that would complement the role.

Experience:  
1.    Minimum 5+ years’ experience or more in developing/contributing to industry standard compliance documentation, building relationships, conducting/facilitating audits, providing performance feedback while meeting stakeholders and client expectations.
2.    5+ years of experience testing IT and Security controls across design and operating effectiveness.
3.    Good written, verbal and presentation skills; including interactions with key stakeholders, internal executive management, external executive management, supervisors, and leaders. 
4.    Experienced working in office and remote environments.  Independent, motivated self-starter with the ability to analyze requirements, compliance and related problems, think critically, problem solve, influence change.  
5.    Excellent interpersonal skills, including the ability to work across a highly matrixed organization, interacting, influencing, negotiating effectively with all levels of leadership and peers.
6.    Experienced with security compliance services with ability to identify continuous improvement opportunities to drive control suffice assessment effectiveness and efficiency.
7.    Knowledge of ITGC and demonstrate risk-based approach to information security.
8.    Detail oriented and ability to manage multiple high priority activities at once.
9.    Ability to travel as needed.

Our Interview Practices

To maintain a fair and genuine hiring process, we kindly ask that all candidates participate in interviews without the assistance of AI tools or external prompts. Our interview process is designed to assess your individual skills, experiences, and communication style. We value authenticity and want to ensure we’re getting to know you—not a digital assistant. To help maintain this integrity, we ask to remove virtual backgrounds and include in-person interviews in our hiring process. Please note that use of AI-generated responses or third-party support during interviews will be grounds for disqualification from the recruitment process.

Applicants may be required to appear onsite at a Wolters Kluwer office as part of the recruitment process.