Job Title:

Senior Risk and Audit Compliance Engineer – I&O Platform Infrastructure

Position Overview

As a Senior Risk and Audit Compliance Engineer within Infrastructure and Operations, Platform Infrastructure, you will serve as a subject matter expert, collaborating with multinational clients on designing, implementing, and enhancing end-to-end risk, compliance, and audit frameworks. Leveraging your deep experience and consulting acumen, you’ll lead project teams, mentor staff, and ensure our clients meet evolving regulatory, cyber, and operational risk expectations.

Key Responsibilities

Client Engagement & Advisory

• Lead client-facing risk and compliance consulting projects across industries (finance, technology, healthcare, etc.).
• Advise client executives and Boards on risk identification, internal controls, and compliance program maturity.
• Translate regulatory requirements (SOX, GDPR, ISO 27001, NIST, SOC, etc.) into actionable strategies and operational controls.

Compliance Program Leadership

• Assess, design, and implement enterprise-wide risk management and compliance frameworks for clients.
• Develop risk and control matrices, Risk Control Self-Assessment (RCSA) programs, and ongoing compliance monitoring strategies.
• Perform internal/external audit readiness assessments and help clients prepare for regulatory and certification audits (SOX, SOC 1/2/3, ISO, PCI DSS, etc.).

Audit & Risk Management Execution

• Plan and execute audit engagements, including risk scoping, fieldwork, walkthroughs, and root-cause analysis.
• Evaluate effectiveness and efficiency of existing controls (ITGC, application controls, segregation of duties, etc.).
• Review, test, and validate control design and operating effectiveness. Draft high-quality audit reports and remediation recommendations.
• Drive closure of audit findings through remediation tracking and stakeholder management.

Data Analytics & Automation

• Design and implement automated solutions for control testing, continuous monitoring, and regulatory reporting.
• Employ advanced analytics to identify emerging risks and strengthen compliance posture.
• Stay abreast of and pilot new regulatory technology (RegTech) and audit automation tools for improved consulting delivery.

Project & Team Leadership

• Manage project teams in a matrix and multi-client environment. Mentor and develop supplier/contract staff.
• Oversee project timelines, deliverables, and client satisfaction.
• Support business development by identifying new client needs and contributing to proposals.

Stakeholder & Relationship Management

• Liaise with client and internal leadership, regulatory bodies, and external auditors.
• Deliver compliance/risk training and thought leadership to clients and practice teams.

Required Qualifications & Skills

• Bachelor’s or Master’s degree in Information Security, Engineering, Finance, Business, or related fields.
• 12+ years of progressive experience in risk management, audit, or compliance—minimum 3-6 years in a Big Four or similarly complex consulting or regulated environment.
• Expertise in regulatory frameworks: ISO 27001, NIST, SOX, PCI DSS, GDPR, COBIT, etc.
• Proven success in leading end-to-end client audits, regulatory projects, and compliance assessments.
• Excellent analytical, problem-solving, and communication skills.
• Experience with GRC, audit, Regulatory Technology (RegTEeh), and data analytics platforms (e.g., Archer, ServiceNow GRC, SAP GRC, Tableau, ACL).
• One or more relevant certifications: CISA, CISM, CRISC, SoX, ISO 27001 Lead Auditor/Implementer (strongly preferred).
• Track record managing and developing diverse/high-performing teams.
• Prior experience in working with the Suppliers/Contractors and driving the Risk and Audit along with yearly Internal and External Audits.

Preferred

• Experience with On-Prem, Cloud, Data Privacy, and AI/ML risk and compliance.
• Prior client-facing or business development experience in management consulting.
• Reporting Line
• Reports to: On Prem Hosting Compliance Lead