Apply

Ready to go for it?

AI Apply speeds things up—apply directly if you prefer.

FREE ACCESS
5,000–10,000 jobs/day
JobTailor Logo

See all jobs on JobTailor

Search thousands of fresh jobs every day.

Discover
  • Fresh listings
  • Fast filters
  • No subscription required
Create a free account and start exploring right away.
Thomson Reuters

Senior Governance and Compliance Analyst

Thomson Reuters

Governance and Compliance Analyst leading control testing and audit programs at Thomson Reuters. Collaborating on automation and compliance workflows with internal and external stakeholders.

Posted 6/13/2026full-timeMexico City • 🇲🇽 MexicoSeniorWebsite

Tech Stack

Tools & technologies
CloudServiceNow

About the role

Key responsibilities & impact
  • Assess, challenge, and test the design and operational effectiveness of controls using TR’s control framework by working collaboratively with control owners and stakeholders to improve the control testing process, including defining re-test cycles and evidence expected.
  • Execute a testing plan by communicating requirements to control owners, reviewing evidence submitted, agreeing on deficiencies found and finalizing the next steps in meeting control requirements.
  • Oversee and act as a liaison for both external and internal audits; identify procedures and practices that are not compliant with industry frameworks.
  • Recommend and support stakeholders making changes to address non-compliance issues, and compile reports on audit results to present to managers & supervisors.
  • Work closely with other teams like ERM, Finance, business and application owners, third party or contractors supporting processes to report and track remediation plans for any control deficiencies identified.
  • Ensure awareness about security risks, best practices and policy/standard requirements are essential to ensure compliance.
  • Contribute to the implementation and continuous improvement of automated compliance controls by working with the Automation & AI team, including evidence collection, validation, and reporting capabilities, to optimize workflows.
  • Collaborate with internal assessors to identify automation opportunities and support the design and deployment of AI-assisted solutions, covering automated evidence gathering, validation and classification, workflow notifications, and preliminary control effectiveness ratings.
  • Maintain documentation of automation workflows, logic, and validation processes to ensure transparency and auditability; stay current with emerging technologies in controls automation and AI to inform team strategy and innovation.

Requirements

What you’ll need
  • Bachelor’s degree in IT, Accounting, Finance, Computer Science, or equivalent education and experience.
  • 4+ years of relevant experience in SoX (ITGC), SOC 2, PCI DSS, ISO (9001, 27001, 42001, etc.) within internal audit, Big 4/5 advisory, consulting, or a Governance & Compliance function — including direct control testing or Line 1a/1b IT-IS assessment work.
  • Strong understanding of control frameworks such as NIST CSF, ISO Frameworks, SOC2 TSC, and PCI DSS; familiarity with NIS2/CRA is an asset.
  • Experience working with or alongside internal audit, risk, or compliance teams, including reporting and tracking remediation plans.
  • Awareness of common security vulnerabilities in web and cloud environments, drawing on sources such as SANS, OWASP Top 10, and the Cloud Security Alliance (CSA).
  • Strong ethical principles and understanding of business and information security ethics.
  • Excellent oral and written communication skills in English; additional fluency in French, Spanish, or another language is an asset.
  • Familiarity with GRC platforms such as ServiceNow, ProcessUnity, RSA Archer, MetricStream, or Protecht.

Benefits

Comp & perks
  • Hybrid Work Model: We’ve adopted a flexible hybrid working environment (2-3 days a week in the office depending on the role) for our office-based roles while delivering a seamless experience that is digitally and physically connected.
  • Flexibility & Work-Life Balance: Flex My Way is a set of supportive workplace policies designed to help manage personal and professional responsibilities, whether caring for family, giving back to the community, or finding time to refresh and reset.
  • Career Development and Growth: By fostering a culture of continuous learning and skill development, we prepare our talent to tackle tomorrow’s challenges and deliver real-world solutions.
  • Industry Competitive Benefits: We offer comprehensive benefit plans to include flexible vacation, two company-wide Mental Health Days off, access to the Headspace app, retirement savings, tuition reimbursement, employee incentive programs, and resources for mental, physical, and financial wellbeing.
  • Culture: Globally recognized, award-winning reputation for inclusion and belonging, flexibility, work-life balance, and more.
  • Social Impact: Make an impact in your community with our Social Impact Institute. We offer employees two paid volunteer days off annually and opportunities to get involved with pro-bono consulting projects and Environmental, Social, and Governance (ESG) initiatives.

ATS Keywords

✓ Tailor your resume
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
SoXITGCSOC 2PCI DSSISO 9001ISO 27001ISO 42001control testingNIST CSFGRC
Soft Skills
communication skillsethical principlescollaborationproblem-solvingreportingtracking remediation plansstakeholder engagementtransparencyinnovationcontinuous improvement