Software Engineer – Legal​/Compliance​/Risk

About Mobility Global

S&P Global has announced the intent to separate our Mobility Segment into a standalone public company.

Grade Level (for internal use): 10

You will configure, customize, expand, and support software that powers Legal, Compliance, and Risk functions across the enterprise—supporting capabilities such as regulatory reporting, controls testing and evidence management, policy management, surveillance/monitoring, case & workflow management, third‑party/vendor risk, audit support, and records retention/eDiscovery enablement. This role partners closely with Legal, Compliance, Risk, Audit, Privacy, and Security to deliver systems that are secure, auditable, reliable, and explainable.

• Set up and support SaaS and hosted applications and maintain end‑to‑end application features across UI, services, and data layers for Legal/Compliance/Risk platforms.
• Translate complex regulatory and policy requirements into clear functional specifications and maintainable technical designs.
• Write clean, testable code; contribute to engineering standards, code reviews, and documentation.
• Own production quality: participate in on‑call/operational support, incident triage, and post‑incident remediation.
• Ensure systems provide traceability from requirements to implementation to test coverage to operational monitoring.
• Build data pipelines and reporting capabilities for compliance and risk metrics (e.g., KRIs, control effectiveness, regulatory submissions).
• Partner with data teams to ensure data quality, lineage, reconciliation, and governance.
• Adapt systems to evolving regulatory expectations with minimal disruption (configuration‑driven rules where appropriate).
• Implement security best practices: encryption, secure secrets handling, least privilege, and strong authentication/authorization.
• Support privacy‑by‑design: data minimization, purpose limitation, retention, and subject rights workflows as applicable.
• Collaborate with Security teams on threat modeling, vulnerability remediation, and audit responses.
• Integrate Legal/Compliance/Risk applications with enterprise platforms (identity, messaging, ticketing, document management, data warehouses).
• Build scalable APIs and event‑driven integrations to reduce manual work and improve timeliness of compliance processes.
• Improve platform reliability and operability through observability (metrics, logs, traces) and automation.

• 3+ years of professional software engineering experience (or equivalent practical experience).
• Proficiency in at least one modern programming language (e.g., Java, C#, Python, Go, Type Script).
• Experience building and maintaining enterprise applications (services/APIs, databases, batch/stream processing, or web UIs).
• Strong understanding of secure software development and disciplined SDLC practices (testing, CI/CD, code review).
• Ability to work with non‑technical stakeholders (Legal/Compliance/Risk) and convert requirements into working software.

• Experience delivering software in regulated environments (financial services, healthcare, insurance, public sector, etc.).
• Familiarity with Legal/Compliance/Risk domains such as GECS, Actimize, and CLM applications.
• Experience with compliance monitoring/surveillance, case management, investigations.
• Experience with controls testing (SOX/ICFR), evidence management, audit support.
• Experience with third‑party risk, issues management, policy/attestation platforms.
• Experience with records retention, legal holds, eDiscovery support processes.
• Experience with cloud and platform tooling (containers, orchestration, CI/CD, observability) in production environments.

• Auditability‑first engineering: deterministic workflows, strong logging, defensible reporting.
• Security mindset: threat‑aware design, least privilege, secure defaults.
• Data rigor: quality checks, reconciliation, lineage awareness, and careful handling of sensitive data.
• Operational ownership: build systems that are monitorable, debuggable, and resilient.
• Stakeholder fluency: can discuss risk and controls with business partners, not just…