Sr Information Security Analyst - Vendor Risk Management

Job Description

Major Areas of Accountability

  • Operate as a key contributor to the Vendor Risk Management processes.
  • Interface with subject matter experts, peers and stakeholders and business or technology leaders across the Thomson Reuters enterprise.
  • Demonstrate subject matter expertise on information security best practices and Thomson Reuters security posture focused on performing due diligence for vendor assurance inquiries and attestations.
  • Assist in initiatives to evaluate and provide input on the effectiveness of processes and solutions, and to determine or support a course of action. Track and report on mitigation progress.
  • Contribute to the strategic and tactical development of information security, risk management and compliance initiatives, to include policy and standards development, solution development, security awareness and training, and other information security initiatives as assigned.
  • Track, verify and collect data points for reporting and metrics on identified services to identify gaps and inform leadership.
  • Serve as a subject matter expert in information technology operations, information security and risk management practices, global legal and regulatory requirements, and other applicable security and privacy trends and practices.
  • Participate as a member of a team for Vendor Risk Management
  • Contribute to and achieve business and departmental goals and objectives
  • Deliver processes and services consistently and accurately
  • Accept feedback and flex to address tactical needs
  • Report on status of initiatives to all levels in the organization
  • Work across the organization to contribute to departmental initiatives and programs


  • Prefer 4 year (Bachelor's) Degree in a technology related field

Knowledge, Skills & Behaviors
  • 4+ years related information security risk management experience
  • 3+ years related information technology experience
  • Preferred industry-related certifications: GSEC, CISSP, CISA, CISM, ITIL
  • Preferred subject matter expertise in SOC2, ISO 27000, risk assessment methodologies, Shared Assessments, ITIL practices, and GRC
  • Maintain focus and manage multiple efforts concurrently
  • Perform independently to expectations while being collaborative and maintaining alignment with the team
  • Work effectively with all levels of the organization including subject matter experts, stakeholders, and leadership
  • Strong written and verbal communication skills to include executive audiences
  • Apply tactical and strategic methods appropriately
  • Effective negotiation and influence
  • Focused on supporting the customer, the team, and the business
  • Strong collaboration and problem-solving skills
  • Ability to adapt in an environment where policy and procedures change

At Thomson Reuters, we believe what we do matters. We are passionate about our work, inspired by the impact it has on our business and our customers. As a team, we believe in winning as one - collaborating to reach shared goals, and developing through challenging and meaningful experiences. With more than 45,000 employees in more than 100 countries, we work flexibly across boundaries and realize innovations that help shape industries around the world. Making this happen is a dynamic, evolving process, and we count on each employee to be a catalyst in driving our performance - and their own.

As a global business, we rely on diversity of culture and thought to deliver on our goals. To ensure we can do that, we seek talented, qualified employees in all our operations around the world regardless of race, color, sex/gender, including pregnancy, gender identity and expression, national origin, religion, sexual orientation, disability, age, marital status, citizen status, veteran status, or any other protected classification under country or local law. Thomson Reuters is proud to be an Equal Employment Opportunity/Affirmative Action Employer providing a drug-free workplace.

Intrigued by a challenge as large and fascinating as the world itself? Come join us.

To learn more about what we offer, please visit .

More information about Thomson Reuters can be found on

Richmond-Virginia-United States of America

Meet Some of Thomson Reuters's Employees

Lisa B.

Software Engineer, Centre of Cognitive Computing

Lisa works with other engineers to develop products that are powered by artificial intelligence and capable of machine learning. She also conducts research to identify new uses for existing company data.

Greg O.

Lead Software Engineer

Greg develops software frameworks that other software engineers use to build the company’s flagship Eikon product. He also mentors and provides technical leadership to more junior engineers on his team.

Back to top