Software Engineer, Cybersecurity, Data Security

About Mobility Global

S&P Global has recently announced the intent to separate our Mobility Segment into a standalone public company.

You will configure, customize, expand and support software that powers Legal, Compliance, and Risk functions across the enterprise—supporting capabilities such as regulatory reporting
, controls testing and evidence management
, policy management
, surveillance/monitoring
, case & workflow management
, third-party/vendor risk
, audit support
, and records retention/eDiscovery enablement
. This role partners closely with Legal, Compliance, Risk, Audit, Privacy, and Security to deliver systems that are secure, auditable, reliable, and explainable
.

• Set up and support SaaS and hosted applications and maintain end-to-end application features across UI, services, and data layers for Legal/Compliance/Risk platforms.
• Translate complex regulatory and policy requirements into clear functional specifications and maintainable technical designs
  .
• Write clean, testable code; contribute to engineering standards, code reviews, and documentation.
• Own production quality: participate in on-call/operational support, incident triage, and post-incident remediation.

• Ensure systems provide traceability from requirements → implementation → test coverage → operational monitoring.

• Build data pipelines and reporting capabilities for compliance and risk metrics (e.g., KRIs, control effectiveness, regulatory submissions).
• Partner with data teams to ensure data quality, lineage, reconciliation, and governance.
• Adapt systems to evolving regulatory expectations with minimal disruption (configuration-driven rules where appropriate).

• Implement security best practices: encryption, secure secrets handling, least privilege, and strong authentication/authorization.
• Support privacy-by-design: data minimization, purpose limitation, retention, and subject rights workflows as applicable.
• Collaborate with Security teams on threat modeling, vulnerability remediation, and audit responses.

• Integrate Legal/Compliance/Risk applications with enterprise platforms (identity, messaging, ticketing, document management, data warehouses).
• Build scalable APIs and event-driven integrations to reduce manual work and improve timeliness of compliance processes.
• Improve platform reliability and operability through observability (metrics, logs, traces) and automation.

• 3 years of professional software engineering experience (or equivalent practical experience).
• Proficiency in at least one modern programming language (e.g.,
  Java, C#, Python, Go, Type Script ).
• Experience building and maintaining enterprise applications (services/APIs, databases, batch/stream processing, or web UIs).
• Strong understanding of secure software development and disciplined SDLC practices (testing, CI/CD, code review).
• Ability to work with non-technical stakeholders (Legal/Compliance/Risk) and convert requirements into working software.

• Experience delivering software in regulated environments (financial services, healthcare, insurance, public sector, etc.).
• Familiarity with Legal/Compliance/Risk domains such as: GECS, Actimize, and CLM applications.
• Compliance monitoring/surveillance, case management, investigations
• Controls testing (SOX/ICFR), evidence management, audit support
• Third-party risk, issues management, policy/attestation platforms
• Records retention, legal holds, eDiscovery support processes
• Experience with cloud and platform tooling (containers, orchestration, CI/CD, observability) in production environments.

• Auditability-first engineering: deterministic workflows, strong logging, defensible reporting.
• Security mindset: threat-aware design, least privilege, secure defaults.
• Data rigor: quality checks, reconciliation, lineage awareness, and careful handling of sensitive data.
• Operational ownership: builds systems that are monitorable, debuggable, and resilient.
• Stakeholder fluency: can…