Governance, Risk, Compliance Analyst

Applications are closed

  • Job
    Full-time
    Mid Level
  • Accounting & Tax
    IT & Cybersecurity
  • Dallas, +1

Requirements

You're a fit for the role of a Governance, Risk & Compliance Analyst if your background includes:

  • Bachelor's degree in IT, Accounting, or equivalent education and experience.
  • 3+ years of relevant work experience in SoX, ITGC, PCI within Audit, Big 5, consulting firms, or in a Governance or Compliance function within a regulated corporation such as Energy, Financial, or Insurance.
  • Essential certification in CISA, CISSP, CCAK, CISM, CRISC.
  • Strong ethical principles and understanding of business and IS ethics.
  • Working knowledge of common security vulnerabilities of web and cloud applications.
  • Experience with GRC platforms like ServiceNow, ProcessUnity, RSA Archer, MetricStream, etc.
  • Excellent oral and written communication skills in English; additional expertise in French, Spanish, or another language is an asset.

Responsibilities

In this opportunity as a Governance, Risk & Compliance Analyst, you will:

  • Provide recommendations and actively participate in defining the annual control testing and regulatory assessment scope using TR’s control framework.
  • Act as an experienced auditor for governance over control testing activities, fostering collaboration and awareness among stakeholders.
  • Conduct or coordinate readiness assessments against various frameworks including ISO 27001, CJIS, 9001, SOC 1, SOC 2, & HIPAA.
  • Support teams in completing attestation documentation for PCI DSS, HIPAA, & CJIS.
  • Guide team members on approach and steps for finalizing control population, sampling, re-testing, exception reporting, and tracking requirements.
  • Offer technical or compliance advice to teams responsible for programs, software, and information systems security.
  • Contribute to a holistic approach to compliance testing, aligning with long-term automation goals.

FAQs

What frameworks will I be working with in this role?

In this role, you will be working with frameworks such as ISO 27001, CJIS, SOC 1, SOC 2, HIPAA, PCI DSS, and more.

What will my role involve in terms of control testing and regulatory assessments?

Your role will involve defining annual control testing and regulatory assessment scope using TR's control framework, conducting readiness assessments against various frameworks, supporting teams in completing attestation documentation, and guiding team members on control population, sampling, re-testing, and more.

  • Industry: Entertainment & Media
  • Employees: 10,001+
  • Founded Year: 2008

Mission & Purpose

Thomson Reuters is the world’s leading provider of news and information-based tools to professionals. Our worldwide network of journalists and specialist editors keep customers up to speed on global developments, with a particular focus on legal, regulatory and tax changes. Our customers operate in complex arenas that move society forward — tax, law, compliance, government, media. In a disruptive digital age, we help professionals reinvent themselves. Thomson Reuters shares are listed on the Toronto and New York Stock Exchanges (symbol: TRI).