Senior Cyber Compliance & Audit analyst

We are hiring a Senior Cyber Compliance & Audit analyst to assess, challenge, and test the design and operational effectiveness of controls. The role involves overseeing audits, identifying non-compliance issues, and proposing changes to address them.

Requirements

• Bachelor's degree in IT, Accounting, Finance or equivalent education and experience (preferable).
• At least 4+ years of relevant work experience in SoX, ITGC, SOC, PCI within Audit, Big 5, consulting firms or as line 1a or line 1b completing IT-IS
• One of these certifications in order of preference is essential CISA, CISSP, CCAK, CISM, CRISC or ISO (preferred).
• Strong ethical principles and understanding of business and IS ethics.
• Awareness about common security vulnerabilities of web and cloud applications and operating techniques from sources such as SANS, OWASP Top10 and Cloud Security Alliance (CSA).
• Experience in testing Cloud controls and related technologies will be an asset.
• Excellent oral and written communication skills in English. Additional expertise in French, Spanish or another language will be an asset.
• Knowledge about GRC platforms like ServiceNow, Process Unity, RSA Archer, MetricStream and like.

Benefits

• Industry-Leading Benefits: comprehensive benefit plans to include flexible vacation, two company-wide Mental Health Days off, access to the Headspace app, retirement savings, tuition reimbursement, employee incentive programs, and resources for mental, physical, and financial wellbeing.
• Flexibility & Work-Life Balance: Flex My Way is a set of supportive workplace policies designed to help manage personal and professional responsibilities.
• Career Development and Growth: a culture of continuous learning and skill development, and skills-first approach to prepare talent to tackle tomorrow’s challenges.
• Culture: a globally recognized and award-winning reputation for inclusion, innovation, and customer-focus.
• Hybrid Work Model: a flexible hybrid working environment (2-3 days a week in the office depending on the role) for office-based roles.
• Social Impact: two paid volunteer days off annually and opportunities to get involved with pro-bono consulting projects and Environmental, Social, and Governance (ESG) initiatives.
• In the United States, Thomson Reuters offers a comprehensive benefits package, including market competitive health, dental, vision, disability, and life insurance programs, as well as a competitive 401k plan with company match, market leading work life benefits, paid time off, paid holidays, parental leave, sabbatical leave, and other benefits.