Register  |  Log In  |  Contact Us

Information Security Program Manager (GDPR)

Contract Type
IT, Legal, Management
Expiry Date
We seek an ambitious and business focused Information Security Program Manager to join the Governance & Risk team within Information Security Risk Management (ISRM).

Job Description


We are the leading source of intelligent information for the world's businesses and professionals, providing customers with competitive advantage. Intelligent information is a unique synthesis of human intelligence, industry expertise and innovative technology that provides decision-makers with the knowledge to act, enabling them to make better decisions faster. We deliver this must-have insight to the financial and risk, legal, tax and accounting and media markets, powered by the world's most trusted news organization.

Position Title: Information Security Program Manager (GDPR)

Business Unit: ET&O

Product or Service: Information Security Risk Management (ISRM)

Role Summary: 

We seek an ambitious and business focused Information Security Program Manager to join the 
Governance & Risk team within Information Security Risk Management (ISRM).

The Governance & Risk team provides risk management oversight for the company, including the management of major governance initiatives such as compliance with GDPR (EU’s General Data Protection Regulation).

The successful candidate will be expected to oversee and manage large and complex internal information security projects, including the development and implementation of functional and organizational processes and procedures.

Main Responsibilities / Accountabilities: 

Responsibilities of the role:

  • Manages project schedules and prepares program status reports
  • Provides reliable financial forecasts to budget stakeholders
  • Manages complex multifunction relationships with stakeholders
  • Reviews status of the program, associated projects and budgets, manages program/project risks
  • Assesses program/project level risks and issues and develops mitigation plans/resolutions to meet program/project objectives
  • Resolves issues across multiple teams and manages dependencies between projects
  • Ensure compliance with regulatory requirements and drives the business to make risk based decisions on remediation plans.
  • They will support strategies that guide the organization towards making effective risk decisions. They will be comfortable and confident when articulating recommendations to Senior Management, Business stakeholders and/or our Technology Partners.

Key Relationships: 

  • ISRM colleagues
  • Program Stakeholders (e.g. ET&O project leads, Privacy, Finance, HR)
  • Control owners in business units
  • Business Unit Security Officers
  • Internal Audit and other governance groups


Essential Skills and Experience: 

  • Understanding of information security fundamentals and general security technologies
  • Understanding of privacy fundamentals 
  • Strong organization, prioritization, and rationalization skills
  • Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one
  • An ability to effectively influence others to modify their opinions, plans, or behaviors
  • An understanding of business needs and commitment to delivering high-quality, prompt, and efficient service to the business
  • An understanding of organizational mission, values, and goals and consistent application of this knowledge
  • Experienced in communicating complex and technical issues to diverse audiences, orally and in writing, in an easily-understood, authoritative, and actionable manner
  • Strong knowledge of / business experience in other business units or functional areas outside Security
  • Extensive understanding of critical program/project management techniques and an ability to motivate and lead team members


Desired Skills and Experience: 

  • Extensive experience of project management; especially in information security, privacy or risk management 


Education/ Certifications: 

  • Undergraduate degree or equivalent experience.
  • Certified Information Systems Security Professional (CISSP) or CISA and/or Project Management Professional (PMP) Certification.


At Thomson Reuters, we believe what we do matters. We are passionate about our work, inspired by the impact it has on our business and our customers. As a team, we believe in winning as one - collaborating to reach shared goals, and developing through challenging and meaningful experiences. With over 60,000 employees in more than 100 countries, we work flexibly across boundaries and realize innovations that help shape industries around the world. Making this happen is a dynamic, evolving process, and we count on each employee to be a catalyst in driving our performance - and their own.

As a global business, we rely on diversity of culture and thought to deliver on our goals. To ensure we can do that, we seek talented, qualified employees in all our operations around the world regardless of race, color, sex/gender, including pregnancy, gender identity and expression, national origin, religion, sexual orientation, disability, age, marital status, citizen status, veteran status, or any other protected classification under country or local law. Thomson Reuters is proud to be an Equal Employment Opportunity/Affirmative Action Employer providing a drug-free workplace.

Intrigued by a challenge as large and fascinating as the world itself? Come join us.

To learn more about what we offer, please visit

More information about Thomson Reuters can be found on