Our Client is seeking a Senior Cloud Governance Engineer.
Key Responsibilities:
- Own the end-to-end compliance lifecycle for cloud infrastructure; Ensure environments are continuously aligned with organizational policies, regulatory frameworks (SOC 2, ISO 27001, NIST, CIS Benchmarks), and internal standards
- Translate compliance requirements into enforceable Azure Policy definitions, Terraform validation rules, and automated guardrails that prevent non-compliant resources from being deployed
- Design and implement automated workflows for collecting, organizing, and presenting audit evidence; Reduce manual effort during audit cycles by building repeatable, auditable processes
- Review and provide guidance on infrastructure-as-code patterns to ensure they meet compliance, security, and operational standards; Propose required updates to existing Terraform modules when standards evolve
- Operate and optimize cloud security posture management (CSPM) tooling, primarily Wiz, to identify misconfigurations, prioritize risk, and drive remediation with engineering teams
- Build and maintain compliance dashboards and workbooks using Azure Monitor and Azure Workbooks to provide real-time visibility into governance posture across subscriptions and environments
- Design and build AI/LLM-driven tools that accelerate governance workflows – such as automated control mapping, natural-language policy interpretation, intelligent evidence summarization, and anomaly detection across compliance data
- Maintain and operate governance, risk, and compliance (GRC) processes – including risk register management, control testing schedules, exception tracking, and remediation SLA monitoring; Ensure alignment between cloud infrastructure controls and enterprise GRC frameworks
Requirements
- GRC Fundamentals: Solid understanding of governance, risk, and compliance frameworks; Experience with risk assessment methodologies, control mapping, exception management, and working with GRC platforms (ServiceNow GRC, Archer, or similar)
- IT Audit Experience: Hands-on participation in both internal and external IT audits – scoping controls, gathering evidence, responding to auditor inquiries, and driving remediation of findings to closure
- Cloud Compliance Expertise: Deep understanding of compliance frameworks (SOC 2, ISO 27001, FedRAMP, NIST, CIS) and how they map to cloud infrastructure configurations and controls
- Azure Governance Tooling: Strong proficiency with Azure Policy, Azure Monitor, Azure Workbooks, Microsoft Defender for Cloud, and Management Groups/Subscription governance patterns
- CSPM Tools (Wiz): Experience operating Wiz or comparable CSPM platforms (Prisma Cloud, Orca) for vulnerability detection, compliance scanning, and risk prioritization
- Infrastructure as Code (Terraform): Solid understanding of Terraform; You can read, review, and recommend changes to HCL modules to enforce compliance standards – not just flag violations after the fact
- Automation & Scripting: Ability to automate evidence collection and reporting workflows using scripting (Python, PowerShell, Bash) and Azure-native automation tools (Logic Apps, Azure Functions, Azure Automation)
- AI/LLM Application Development: Experience building internal tools or workflows leveraging large language models – prompt engineering, RAG patterns, or agent-based automation applied to operational or compliance use cases
- Communication & Influence: You can translate technical audit findings into clear remediation
