Thomson Reuters

Cyber Compliance & Audit Analyst

Join Thomson Reuters as a Cyber Compliance & Audit Analyst in Richmond, VA. Assess controls, ensure compliance, and enjoy flexible benefits and work-life balance.

Department - JobBoardly X Webflow Template
Direct Hire
Job Level - JobBoardly X Webflow Template
Mid-Level
ServiceNow Role Type:
Department - JobBoardly X Webflow Template
System Administrator
ServiceNow Modules:
Department - JobBoardly X Webflow Template
Governance, Risk, and Compliance
Department - JobBoardly X Webflow Template
Virtual Agent
ServiceNow Certifications (nice to have):
Department - JobBoardly X Webflow Template
Certified Implementation Specialist - Vulnerability Response
Department - JobBoardly X Webflow Template
Certified System Administrator

Job description

Date - JobBoardly X Webflow Template
Posted on:
 
January 16, 2025

Cyber Compliance & Audit Analyst role involves assessing and testing the design and operational effectiveness of controls using TR's control framework. The role requires a bachelor's degree in IT, Accounting, Finance, or equivalent education and experience, with at least 4+ years of relevant work experience in SoX, ITGC, SOC, PCI within Audit, Big 5, consulting firms, or as line 1a or line 1b completing IT-IS control testing or working within a Governance or Compliance function across Financial Services organizations.

Requirements

  • Bachelor's degree in IT, Accounting, Finance or equivalent education and experience
  • At least 4+ years of relevant work experience in SoX, ITGC, SOC, PCI within Audit, Big 5, consulting firms or as line 1a or line 1b completing IT-IS control testing or working within a Governance or Compliance function across Financial Services organizations
  • One of these certifications in order of preference is essential CISA, CISSP, CCAK, CISM, CRISC or ISO (preferred)
  • Strong ethical principles and understanding of business and IS ethics
  • Awareness about common security vulnerabilities of web and cloud applications and operating techniques from sources such as SANS, OWASP Top 10 and Cloud Security Alliance (CSA).
  • Experience in testing Cloud controls and related technologies will be an asset.
  • Excellent oral and written communication skills in English. Additional expertise in French, Spanish or another language will be an asset.
  • Knowledge about GRC platforms like ServiceNow, Process Unity, RSA Archer, MetricStream and like.

Benefits

  • Comprehensive benefit plans
  • Flexible and supportive benefits for work-life balance
  • Flexible vacation
  • Two company-wide Mental Health Days Off
  • Work from another location for up to a total of 8 weeks in a year, 4 of those weeks can be out of the country and the remaining in the country
  • Headspace app subscription
  • Retirement, savings, tuition reimbursement, and employee incentive programs
  • Resources for mental, physical, and financial wellbeing
  • Ten employee-driven Business Resource Groups
  • Two paid volunteer days annually
  • Environmental, Social and Governance (ESG) initiatives for local and global impact
  • Market competitive health, dental, vision, disability, and life insurance programs
  • Competitive 401k plan with company match
  • Paid holidays (including two company mental health days off)
  • Parental leave
  • Sabbatical leave
  • Optional hospital, accident and sickness insurance paid 100% by the employee
  • Optional life and AD&D insurance paid 100% by the employee
  • Flexible Spending and Health Savings Accounts
  • Fitness reimbursement
  • Access to Employee Assistance Program
  • Group Legal Identity Theft Protection benefit paid 100% by employee
  • Access to 529 Plan
  • Commuter benefits
  • Adoption & Surrogacy Assistance
  • Tuition Reimbursement
  • Access to Employee Stock Purchase Plan

Requirements Summary

Bachelor's degree in IT, Accounting, Finance or equivalent education and experience, 4+ years of relevant work experience, and a certification such as CISA, CISSP, CCAK, CISM, CRISC or ISO (preferred)