About the role:
The Divisional Security Lead (DSL) for Tech BV is a senior Application Security SME embedded within the AppSec CoE and the Tech BV divisional CTO team. This role is responsible for ensuring that AppSec policies, standards, and best practices are consistently applied across all Tech BV development teams, and for guiding and aligning Portfolio Security Leads (PSLs) and Security Champions within the division.
The DSL acts as the central point of contact for application security strategy, training, and governance in Tech BV, and is empowered to drive divisional AppSec initiatives, provide expert guidance, and escalate security issues. The DSL operates with autonomy and seniority, reporting administratively to the Director of AppSec CoE and functionally to the Tech BV CTO.
The AppSec CoE is a centralized, cross-functional team that provides standardized tools, SOPs, and expert guidance for security-by-design development. It supports a federated model with a central team and a virtual network of Security Champions and Leads, collaborating with other Centers of Excellence and GIS teams to deliver secure, compliant, and innovative solutions.
The DSL role is responsible for aligning Application Security practices in the Tech BV division with Application Security CoE roadmap, best practices and initiatives to establish consistency across DXG organization.
Essential Duties and Responsibilities:
Guide, mentor, and align Portfolio Security Leads (PSLs) and Security Champions in the Tech BV division, ensuring AppSec policies and standards are upheld.Serve as the primary AppSec SME for Tech BV, providing expert guidance, incident support, and escalation for security issues.Ensure continuous threat modeling, scanning, regular security reviews, and timely vulnerability remediation across Tech BV portfolios.Oversee training activities as part of mentoring PSLs and Security Champions, and ensure PSLs and Champions are enabled and empowered.Provide quarterly AppSec briefings to the Tech BV CTO and prepare monthly AppSec reports. Collaborate with Global Information Security (GIS) to support NIST attestation, incident management and exception filing.Collaborate with the DevSecOps CoE in driving integration of security controls in CI/CD pipelines (SAST, SCA, DAST, container scanning, IaC checks) to track provenance and protect the integrity of software.Validate and enforce ASVS-based security requirements across Tech BV services and applications.Nominate, assess, and guide PSLs and Security Champions; provide fallback if PSLs/Champions are unavailable.Collaborate with product managers, architects, Privacy Champions, and other CoEs to balance security and privacy requirements.Participate in and drive certain AppSec CoE strategic programs, including AppSec Metrics & Resources, AppSec Tools Deployment, ASVS Gap Assessment & Remediation, and SBOM/Supply Chain Management.Contribute to the AppSec CoE’s mission and align with its goals to equip teams with standards, tools, and training to identify and fix security issues early and efficiently.Job Qualifications:
Bachelor’s degree.GIAC GSEC, CISSP, or an equivalent baseline certification and one vendor-neutral Secure SDLC/AppSec certification (e.g., CSSLP) (preferred).8+ years of experience in application/product security, software engineering, or related roles.Demonstrated success leading cross-functional security initiatives and improving operational workflows.In case of an internal candidate, familiarity with Wolters Kluwer security policies and standards is required, and familiarity with Tech BV products is preferred.Experience managing or indirectly influencing others in a matrixed or project-based environment.Proficiency in one or more modern programming languages (Java, Python, C#, JavaScript).Hands-on experience with security testing tools (SAST, SCA, DAST, IaC scanning, container/runtime scanning).Experience embedding security checks in CI/CD (GitHub Actions, GitLab CI, Jenkins, Azure DevOps, Bitbucket etc.).Understanding of security facilities and capabilities in at least one major cloud provider (AWS, Azure, GCP).Strong business acumen with understanding of secure product strategy.Ability to translate strategic direction into actionable operational execution.Highly organized with strong attention to detail and process discipline.Effective communicator, able to influence across functions and seniority levels.Demonstrated ability to manage competing priorities in a fast-paced, matrixed environment.Change-oriented mindset with a continuous improvement focus.Our Interview Practices
To maintain a fair and genuine hiring process, we kindly ask that all candidates participate in interviews without the assistance of AI tools or external prompts. Our interview process is designed to assess your individual skills, experiences, and communication style. We value authenticity and want to ensure we’re getting to know you—not a digital assistant. To help maintain this integrity, we ask to remove virtual backgrounds and include in-person interviews in our hiring process. Please note that use of AI-generated responses or third-party support during interviews will be grounds for disqualification from the recruitment process
Applicants may be required to appear onsite at a Wolters Kluwer office as part of the recruitment process.
Our Interview PracticesTo maintain a fair and genuine hiring process, we kindly ask that all candidates participate in interviews without the assistance of AI tools or external prompts. Our interview process is designed to assess your individual skills, experiences, and communication style. We value authenticity and want to ensure we’re getting to know you—not a digital assistant. To help maintain this integrity, we ask to remove virtual backgrounds and include in-person interviews in our hiring process. Please note that use of AI-generated responses or third-party support during interviews will be grounds for disqualification from the recruitment process.
Applicants may be required to appear onsite at a Wolters Kluwer office as part of the recruitment process.