Cyber Compliance Lead - Toronto, Canada - Thomson Reuters

Thomson Reuters
Toronto, Canada

3 weeks ago

Posted by: Sophia Lee, beBee Recruiter


Description

Position Title:
Lead Cyber Compliance & Audit Generalist


Duration: 10 months

Location: 19 Duncan Street, Toronto, Ontario, CAN - M5H 3G6

Description:


Are you someone who is willing not only to find answers to your questions but also to brainstorm with others on your team to solve issues that impact GRC areas across an organization? Someone who proactively finds solutions or brings ideas to the table before we encounter any issues? If the answer to this and other questions we have not added is yes, then we are currently looking for a Lead Compliance Generalist to join our Cyber Compliance team as part of the ISRM function in Toronto.

You will be a leading member of the Cyber Compliance team who will ensure that the cyber security compliance program and all its moving parts are completed, reported, and tracked.

You will lead internal compliance with relevant policies/standards and external compliance with frameworks/regulations, which ultimately sustains customer confidence in Thomson Reuters (TR).

Additionally, you will provide support to various initiatives across the GRC team, including Policy, Audit Automation, and Customer Attestation, as well as supporting the onboarding of new products to enterprise programming.


About the Role
In this opportunity as Lead, Cyber Compliance, Policy & Audit Generalist, you will

  • Give recommendations and actively participate in defining the annual control testing and regulatory assessment scope to be completed using TR's control framework, and in reporting and completing assigned control validation activities.
  • Conduct and/or coordinate readiness assessments against a variety of frameworks including ISO 27001, 9001, SOC 1, SOC 2, and HIPAA.
  • Guide other team members on approach and steps to be followed when finalizing control population, sampling, retesting, exception reporting and tracking requirements, reviewing work papers, the evidence submitted, finalizing remediation plans, etc.
  • Provide technical or compliance advice to teams/people responsible for programs, software, and information systems security.
  • Contribute to the "test one, cover many requirements" approach and align with the long-term vision of automation of audit/testing.
  • Be asked to lead compliance or security projects / teams to achieve milestones and objectives on complex initiatives.
  • Come up with ideas to tackle a scenario, project or ad hoc request and execute with minimal guidance.
  • Work independently on multiple initiatives simultaneously, and act decisively and with a high degree of autonomy.
  • Exhibit willingness and drive to learn continuously and approach change with openness.
  • Have a creative and diplomatic approach to solving problems while being customer driven.

About You
You are a fit for the role of Lead, Cyber Compliance, Policy & Audit Generalist, if your background includes:

  • Bachelor's degree in IT, Accounting or equivalent education and experience.
  • 5+ years of relevant work experience in SOX, ITGC, PCI within Audit, Big 5, consulting firms or as line 1a or 1b completing IT-IS control testing or working within a Governance or Compliance function across Financial Services organisations.
  • One of these certifications, in order of preference, is essential: CISA, CISSP, CCAK, CISM, CRISC.
  • Strong ethical principles and understanding of business and IS ethics.
  • Excellent oral and written communication skills in English. Additional expertise in French, Spanish or another language will be an asset.
  • Experience working with GRC platforms like ServiceNow, Process Unity, RSA Archer, MetricStream and the like.

Job Type:
Fixed term contract

Contract length: 10 months


Salary:
$52.00-$61.00 per hour


Education:


  • Bachelor's Degree (required)

Experience:


  • Sarbanes-Oxley Act (SOX): 6 years (preferred)
  • Cloud Security Alliance (CSA): 4 years (preferred)
  • Cloud computing: 5 years (preferred)
  • ServiceNow: 5 years (required)
  • Cybersecurity: 5 years (required)

Licence/Certification:

  • Certified Information Systems Auditor (required)
  • CISM (preferred)
