The VP, Security Regulatory Compliance is responsible for delivering a comprehensive regulatory program for the management of data, and technology controls relating to regulatory risk across Thomson Reuters. The candidate will need to demonstrate strong leadership, stakeholder engagement and advocacy skills, and manage a team of direct reports, as well as lead a wider network of people who are accountable for the regulatory agenda.
In addition, the candidate will have strong change/program management and analytical skills, and be able to work as part of the wider global team, having responsibility for a significant body of deliverables which will evolve as new regulations emerge and strategic programs mature.
A key area of focus and risk for Thomson Reuters is managing, delivering and controlling the significant amount of regulatory and strategic change affecting it globally. The Information Security Risk Management function is looking for a VP to lead the regulatory team, reporting into the Head of Technology Risk & Governance.
- Responsibility for following regulatory developments and understanding the impact to Thomson Reuters products and operations.
- Lead delivery of controlled and sustainable strategic regulatory plans and programs.
- Program lead for SOC annual audit program.
- Management of the programmatic lifecycle of regulate data.
- Support risk management identification & remediation program of regulated data.
- Overseeing the design and delivery of appropriate control frameworks ensuring sustainable, efficient and control-orientated solutions to regulatory issues.
- Overseeing the development and implementation of operating models and procedures which describe process, controls and governance for ongoing adherence to regulatory requirements and internal standards.
- Work in close partnership with technology operations, security, privacy, product, and legal teams.
Knowledge & Skill
- Essential experience of working with regulatory data including GDPR, CCPA, PCI and HIPAA, and assessing regulatory impacts at enterprise and operational levels.
- Preferred experience of leading SOC audit programs across large scale complex environments
- Business expert experience as a trusted advisor in regulatory matters.
- Experience of the data lifecycle from collection to deletion and the implications of regulations to corporate data, ideally with a background in the data/information industry.
- Demonstrates an ability to think strategically with respect to risk/control and regulatory agendas.
- Experience of operating successfully across multiple businesses and functions, such as compliance, legal, technology and business leads.
- Experience of leading on large scale and/or complex change programs including leading system design, build and delivery.
- Ability to consistently deliver work of a high standard, to tight timelines with a proven track record.
- Navigating through uncertainty and driving to timely delivery.
- Team and resource management with a focus on developing high performing teams.
Strategic Planning & Decision Making
- Develops and executes operational strategy for department
- Contributes to development of wider function strategies
- Determines, evaluates and modifies department goals to meet current and future needs
- Directs resource allocation to meet performance requirements in own area
- Addresses complex business issues beyond immediate needs or where established policies can be adapted
- Decisions guided by BU or functional strategies
- Leverages important relationships with key internal and external customers to support business needs
- Uses negotiation skills with customer or organizational leadership to set priorities in development of innovative solutions
- Interacts frequently with senior colleagues
- Communicates highly complex ideas or issues to multiple organization levels
- Presents effectively to large and important groups, influences key customers to take action, and negotiates effective solutions between key individuals