About the Role:
As the IT Security Associate Director, you will lead the execution of complex cybersecurity projects with substantial autonomy. Your expertise will guide the strategic cybersecurity planning and policy-making processes. You will ensure alignment with organizational goals and provide critical security insights that drive our mission forward. Wolters Kluwer is seeking a strategic and technically skilled Cybersecurity Reporting & Metrics Associate Director to drive the design, automation, and delivery of security and risk reporting across the enterprise. This role will lead the creation of dashboards and visualizations that provide insight into key domains including cybersecurity awareness training, risk programs, control effectiveness, and risk indicators and triggers across all Global Information Security domains. The ideal candidate has a strong background in cybersecurity, cloud, automation, Microsoft Systems and tools, general IT Risk, and control/governance knowledge. Additionally, this person will have hands-on experience in reporting tools like PowerBI and creating automations and integrations with ServiceNow. As a critical thinker and problem-solver, this person will help elevate the Company s security posture by delivering consistent, insightful, and action-oriented reporting.
Responsibilities:
- Design, build, and maintain dashboards and reports that measure cybersecurity performance and risk across key programs including but not limited to: Security awareness and training, Cloud and IAM tooling and systems , Vulnerability management sources, Risk identification and mitigation, Control effectiveness, and Internal KPIs and metrics related to operational capabilities and internal demand management
- Automate recurring reporting processes using tools such as Power BI, Excel Power Query, and Power Automate amongst others to enable actionable insights and self-service
- Strong knowledge of ServiceNow across demand and intake modules, as well as vulnerability management and GRC/IRM modules and features
- Define and manage cybersecurity KPIs/KRIs in partnership with the security team and integrating feedback from key partners including HR, Legal, and business units
- Strong knowledge of key metrics related to core security capabilities such as training and awareness, vulnerability management, cloud security, identity, and access mgmt.
- Understanding of technical security and risk related domains to enable KRI development, triggers, and ongoing management of key cybersecurity programs and outcomes
- Work closely with capability owners to source, structure, and govern data across diverse systems and repositories
- Create and maintain executive-level reporting packages and presentations that support security governance forums, audits, and regulatory reviews
- Establish consistent standards for report quality, accuracy, and delivery timelines
- Translate complex technical security data into clear, business-relevant visuals and insights
- Support continuous improvement of cybersecurity programs by identifying reporting gaps, opportunities for automation, and metric-driven trends
- Serve as the technical reporting SME within the cybersecurity function, helping to align business insights with security data points
Skills and Qualifications:
- 14+ years of experience in cybersecurity or Information Technology
- Experience in reporting across various security programs including training and awareness, phishing, cloud security, IAM, vulnerability management and overall IT risk and governance
- Strong reporting skills and attention to detail
- Knowledge of resource management practices and HR tools such as Workday, Clicktime, and deep understanding of ServiceNow and its core IT Security and Demand management modules and capabilities
- Expert level powerbi/visualization skills
- Experience delivering outcomes without direct control over stakeholders and behaviors, able to influence and drive actions
- Ability to collaborate and build relationships with cross-functional teams, senior management, technologists, and external stakeholders.
- Analytical mindset with excellent problem-solving skills, attention to detail, and ability to interpret regulatory requirements and assess their impact on business.
- Self-driven and ability to identify actions / goals and drive them through completion with minimal oversight
