Lead Compliance and Audit Consultant - GRC, Policy & Audit

USA-Richmond-901 East Byrd St

Thomson Reuters

The intelligence, technology, and human expertise you need to find trusted answers.

Are you willing not only to find answers to your questions but also to brainstorm with others on your team to solve issues that impact GRC areas across an organization?

Are you someone who proactively finds solutions or brings ideas to the table before we encounter any issues? If the answer to these and other questions we have not added is yes, then we are currently looking for a Lead Compliance and Audit Consultant to join our Cyber Compliance team as part of the ISRM function located in Richmond, Minneapolis, or Dallas.

You will be a leading member of the Cyber Compliance team who will ensure that the cyber security compliance program and all its moving parts are completed, reported, and tracked. You will lead internal compliance with relevant policies/standards and external compliance with frameworks/regulations that ultimately sustain customer confidence in Thomson Reuters (TR).

Additionally, you will provide support to various initiatives across the GRC team, including Policy, Audit Automation, and Customer Attestation, as well as supporting the onboarding of new products to enterprise programming.

About the Role

In this opportunity as Lead Compliance and Audit Consultant you will:

  • Provide recommendations and actively participate in defining the annual control testing and regulatory assessment scope using TR’s control framework.

  • Act as a subject matter expert for governance over control testing activities, fostering collaboration and awareness among stakeholders.

  • Conduct or coordinate readiness assessments against various frameworks including ISO 27001, CJIS, 9001, SOC 1, SOC 2, & HIPAA.

  • Support teams in completing attestation documentation for PCI DSS, HIPAA, & CJIS.

  • Guide team members on approach and steps for finalizing control population, sampling, re-testing, exception reporting, and tracking requirements.

  • Offer technical or compliance advice to teams responsible for programs, software, and information systems security.

  • Contribute to a holistic approach to compliance testing, aligning with long-term automation goals.

  • Lead compliance or security projects/teams to achieve milestones and objectives on complex initiatives.

  • Generate innovative solutions to tackle scenarios, projects, or ad-hoc requests with minimal guidance.

  • Work independently on multiple initiatives, demonstrating autonomy and decisiveness.

  • Exhibit a willingness to learn continuously and embrace change with openness.

  • Employ creative and diplomatic problem-solving while prioritizing customer needs.

About You

You're a fit for the role of Lead Compliance and Audit Consultant if your background includes:

  • Bachelor's degree in IT, Accounting, or equivalent education and experience.

  • 5+ years of relevant work experience in SOX, ITGC, PCI within Audit, Big 5, consulting firms, or in a Governance or Compliance function within Financial Services organizations.

  • Essential certification in CISA, CISSP, CCAK, CISM, CRISC.

  • Strong ethical principles and understanding of business and IS ethics.

  • Working knowledge of common security vulnerabilities of web and cloud applications.

  • Experience with GRC platforms like ServiceNow, ProcessUnity, RSA Archer, MetricStream, etc.

  • Excellent oral and written communication skills in English; additional expertise in French, Spanish, or another language is an asset.
     

What's in it For You?

You will join our inclusive culture of world-class talent, where we are committed to your personal and professional growth through:

Hybrid Work Model: Embrace a flexible hybrid working environment for office-based roles, promoting work-life balance and connectivity.

Wellbeing: Comprehensive benefit plans, flexible vacation, mental health support, Headspace app subscription, retirement, savings, and more.

Culture: Globally recognized for equality, diversity, flexibility, and work-life balance.

Learning & Development: Access to LinkedIn Learning, internal Talent Marketplace, and networking opportunities.

Social Impact: Engage in employee-driven Business Resource Groups, volunteer opportunities, and Environmental, Social, and Governance (ESG) initiatives.

Purpose Driven Work: Join a company dedicated to upholding justice, truth, and transparency globally.

Ready to make a difference? Apply now to lead our Cyber Compliance, Policy & Audit team at Thomson Reuters!


Do you want to be part of a team helping re-invent the way knowledge professionals work? How about a team that works every day to create a more transparent, just and inclusive future? At Thomson Reuters, we’ve been doing just that for almost 160 years. Our industry-leading products and services include highly specialized information-enabled software and tools for legal, tax, accounting and compliance professionals combined with the world’s most global news services – Reuters. We help these professionals do their jobs better, creating more time for them to focus on the things that matter most: advising, advocating, negotiating, governing and informing.

We are powered by the talents of 26,000 employees across more than 70 countries, where everyone has a chance to contribute and grow professionally in flexible work environments that celebrate diversity and inclusion. At a time when objectivity, accuracy, fairness and transparency are under attack, we consider it our duty to pursue them. Sound exciting? Join us and help shape the industries that move society forward. 

Accessibility 

As a global business, we rely on diversity of culture and thought to deliver on our goals. To ensure we can do that, we seek talented, qualified employees in all our operations around the world regardless of race, color, sex/gender, including pregnancy, gender identity and expression, national origin, religion, sexual orientation, disability, age, marital status, citizen status, veteran status, or any other protected classification under applicable law. Thomson Reuters is proud to be an Equal Employment Opportunity/Affirmative Action Employer providing a drug-free workplace.

We also make reasonable accommodations for qualified individuals with disabilities and for sincerely held religious beliefs in accordance with applicable law.

More information about Thomson Reuters can be found on https://thomsonreuters.com.

Tags: Automation CISA CISM CISSP Cloud Compliance CRISC Governance HIPAA ISO 27001 RSA SOC SOC 1 SOC 2 SOX Vulnerabilities

Perks/benefits: Career development Flex hours Flex vacation Transparency

Region: North America
Country: United States