Senior Risk & Compliance Engineer
San Francisco, CA, United States
About the Role
As a Risk and Compliance Senior Engineer, you will have the opportunity to transform and automate our IT SOX compliance programs within the Engineering and Financial System domains. You'll be the subject matter expert on compliance obligations, leveraging your solid understanding of systems architecture to design, influence, and build cohesive control environments. Your work will enhance the efficiency and effectiveness of our financial operations, ensuring a robust and automated compliance framework that supports Instacart's sophisticated marketplace platform.
About the Team
You will join Instacart's Governance, Risk, and Compliance (GRC) team, a partner organization to our Security Engineering team, reporting through the Chief Information Security Officer organization. Our team is dedicated to managing risks related to security, privacy, and finances. You will join our subdomain team for IT SOX. By providing thoughtful advice and developing innovative solutions, we enable control owners to maintain a balanced approach to risk management. Our work is pivotal in ensuring Instacart can scale while maintaining trust and adhering to regulatory requirements.
About the Job
In this role, you will:
Design and routinely validate effectiveness of IT SOX controls, specifically IT General and IT Automated controls.
During the course of IT SOX controls design and validation, facilitate the communication and validation of questions and evidence between Control Owners, Internal Audit, and External Auditors.
Collaborate with Engineering DevOps teams to build compliance-related code and monitoring tools.
Automate financial transactions and oversight processes, contributing to the seamless operation of Instacart's marketplace platform.
Provide expert advice on compliance to control owners, balancing risk, effectiveness, and efficiency.
About You
Minimum Qualifications
Certified Information Systems Auditor (CISA) certification or equivalent.
5+ years of experience auditing IT general controls or IT automated controls.
Proven experience in designing controls in collaboration with management control owners.
Strong project management and process expertise, particularly in executing and communicating with auditors and control owners.
An ability to work directly with data systems using SQL or other sophisticated query language or code.
Experience in SaaS systems, especially those with homegrown revenue-generating platforms.
Preferred Qualifications
Bachelor’s degree in Computer Science, Engineering, Management Information Systems, Accounting or related work experience
Background in working and auditing IT SOX controls for modern cloud DevOps environments, multi-sided marketplaces, and/or advertising technology companies.
Prior experience with a reputable auditing firm, such as the Big Four or another firm following best-practice IT SOX audit standards.
Experience building small applications in containerized environments to monitor compliance obligations.
#J-18808-Ljbffr