Software Engineer – Legal​/Compliance​/Risk

About the Role:

Grade Level (for internal use): 10

S&P Global has recently announced the intent to separate our Mobility Segment into a standalone public company.

You will configure, customize, expand and support software that powers Legal, Compliance, and Risk functions across the enterprise—supporting capabilities such as regulatory reporting, controls testing and evidence management, policy management, surveillance/monitoring, case & workflow management, third‑party/vendor risk, audit support, and records retention/eDiscovery enablement. This role partners closely with Legal, Compliance, Risk, Audit, Privacy, and Security to deliver systems that are secure, auditable, reliable, and explainable.

• Set up and support SaaS and hosted applications and maintain end‑to‑end application features across UI, services, and data layers for Legal/Compliance/Risk platforms.
• Translate complex regulatory and policy requirements into clear functional specifications and maintainable technical designs.
• Write clean, testable code; contribute to engineering standards, code reviews, and documentation.
• Own production quality: participate in on‑call/operational support, incident triage, and post‑incident remediation.

• Ensure systems provide traceability from requirements → implementation → test coverage → operational monitoring.

• Build data pipelines and reporting capabilities for compliance and risk metrics (e.g., KRIs, control effectiveness, regulatory submissions).
• Partner with data teams to ensure data quality, lineage, reconciliation, and governance.
• Adapt systems to evolving regulatory expectations with minimal disruption (configuration‑driven rules where appropriate).

• Implement security best practices: encryption, secure secrets handling, least privilege, and strong authentication/authorization.
• Support privacy‑by‑design: data minimization, purpose limitation, retention, and subject rights workflows as applicable.
• Collaborate with Security teams on threat modeling, vulnerability remediation, and audit responses.

• Integrate Legal/Compliance/Risk applications with enterprise platforms (identity, messaging, ticketing, document management, data warehouses).
• Build scalable APIs and event‑driven integrations to reduce manual work and improve timeliness of compliance processes.
• Improve platform reliability and operability through observability (metrics, logs, traces) and automation.

• 3+ years of professional software engineering experience (or equivalent practical experience).
• Proficiency in at least one modern programming language (Java, C#, Python, Go, Type Script).
• Experience building and maintaining enterprise applications (services/APIs, databases, batch/stream processing, or web UIs).
• Strong understanding of secure software development and disciplined SDLC practices (testing, CI/CD, code review).
• Ability to work with non‑technical stakeholders (Legal/Compliance/Risk) and convert requirements into working software.

• Experience delivering software in regulated environments (financial services, healthcare, insurance, public sector, etc.).
• Familiarity with Legal/Compliance/Risk domains such as GECS, Actimize, and CLM applications.
• Compliance monitoring/surveillance, case management, investigations.
• Controls testing (SOX/ICFR), evidence management, audit support.
• Third‑party risk, issues management, policy/attestation platforms.
• Records retention, legal holds, eDiscovery support processes.
• Experience with cloud and platform tooling (containers, orchestration, CI/CD, observability) in production environments.

• Auditability‑first engineering: deterministic workflows, strong logging, defensible reporting.
• Security mindset: threat‑aware design, least privilege, secure defaults.
• Data rigor: quality checks, reconciliation, lineage awareness, and careful handling of sensitive data.
• Operational ownership: builds systems that are monitorable, debuggable, and resilient.
• Stakeholder fluency: can discuss risk and controls with business partners, not just technology.

S&P Global is an equal opportunity employer and all qualified candidates will receive consideration for employment without regard to race/ethnicity, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, marital status, military veteran status, unemployment status, or any other status protected by law. Only electronic job submissions will be considered for employment.

If you need an accommodation during the application process due to a disability, please send an email to  and your request will be forwarded to the appropriate person.