
Posted a month ago
Sr Governance and Compliance Analyst
Thomson Reuters
Requirements
Bachelor's degree in IT, Accounting, Finance, or Computer Science, 4+ years experience in SoX, SOC 2, PCI DSS, or ISO, Understanding of NIST CSF, ISO, SOC2, and PCI DSS, Experience with GRC platforms like ServiceNow or RSA Archer, English fluency
Skills
ComplianceAuditAI
About the role
Responsibilities
- Assess, challenge, and test the design and operational effectiveness of controls using the company's control framework.
- Execute testing plans by communicating requirements to control owners and reviewing submitted evidence.
- Oversee and act as a liaison for both external and internal audits to identify non-compliant procedures.
- Work with ERM, Finance, and business owners to report and track remediation plans for identified deficiencies.
- Contribute to the implementation of automated compliance controls and AI-enabled optimization of workflows.
- Collaborate with the Automation & AI team to design and deploy AI-assisted solutions for evidence gathering and validation.
- Maintain documentation of automation workflows and logic to ensure transparency and auditability.
Requirements
- Bachelor’s degree in IT, Accounting, Finance, Computer Science, or equivalent experience.
- 4+ years of relevant experience in SoX (ITGC), SOC 2, PCI DSS, or ISO (9001, 27001, 42001, etc.).
- Strong understanding of control frameworks such as NIST CSF, ISO, SOC2, and PCI DSS.
- Experience working with internal audit, risk, or compliance teams, including remediation tracking.
- Awareness of common security vulnerabilities in web and cloud environments (e.g., OWASP Top 10).
- Proficiency in English (oral and written); additional fluency in French or Spanish is an asset.
- Familiarity with GRC platforms such as ServiceNow, RSA Archer, or ProcessUnity.
Preferred Qualifications
- Professional certifications such as CISA, CISSP, CISM, CRISC, or ISO 27001 Lead Auditor.
- Hands-on experience testing cloud controls in AWS, Azure, or GCP.
- Exposure to automation tools, Python scripting, or AI/LLM-assisted workflows in an audit context.
- Knowledge of data governance, privacy, and ethical automation principles.
Benefits
- Hybrid work model with flexible arrangements.
- Comprehensive health, mental health, and financial wellbeing resources.
- Career development through "Grow My Way" programming and a skills-first approach.
- Paid volunteer days and opportunities for social impact.
- Competitive retirement savings and tuition reimbursement.
About the Company
Thomson Reuters informs the way forward by bringing together the trusted content and technology that people and organizations need to make the right decisions. We serve professionals across legal, tax, accounting, compliance, government, and media, helping institutions in their pursuit of justice, truth, and transparency.
ScoutJobs Agent
Get matches like this delivered daily
Sign up free — we'll pull jobs that fit your CV from across the web and rank them for you.
Get started — it's freeSr Governance and Compliance Analyst
Thomson Reuters · Mexico City
