Company Description
ProfytAI automates compliance, risk, and audit readiness for banks and regulated industries. By reducing manual effort and replacing spreadsheet workflows, we help compliance and risk teams achieve continuous audit readiness within complex regulatory frameworks. Our AI-enabled platform optimizes control mapping, evidence collection, monitoring, and reporting across global standards such as ISO 27001 and SOC 2, as well as regional requirements. Tailored for enterprise and banking environments, ProfytAI enhances decision-making and governance while minimizing operational burdens. Our team comprises experts with experience at Deloitte, LinkedIn, TrueCar, and various regulated industries.
Role Description
This is a full-time Senior Risk and Compliance Engineer role based in Ho Chi Minh City, Vietnam, with flexibility for some remote work. This role requires deep governance, risk, and compliance expertise with strong AWS/GCP cloud infrastructure knowledge. You'll design and implement compliance monitoring systems, build automated security scanners, and create intuitive UI experiences that help banks navigate complex regulatory frameworks.
Role Responsibilities
- Design and implement automated compliance scanning systems using AWS Audit Manager, AWS Config, and AWS Security Hub.
- Build custom IAM policies and roles to create security scanners that detect misconfigurations across customer AWS accounts.
- Architect compliance workflows and UI experiences that map regulatory requirements to technical controls and evidence collection.
- Develop Infrastructure-as-Code for compliance monitoring using AWS CDK/CloudFormation, following security best practices.
- Create compliance dashboards and reporting systems that translate technical findings into business risk language.
- Build internal tools for risk scoring, compliance dashboards, and audit-ready reporting.
- Contribute to architecture decisions for multi-tenant compliance automation at scale.
Qualifications
- 3+ years of hands-on experience with AWS and/or GCP cloud platforms.
- Deep understanding of governance, risk, and compliance processes and control frameworks (risk assessments, audits, evidence lifecycle, control testing).
- Strong grasp of how compliance workflows should be represented in user interfaces for compliance officers and auditors.
- Experience building automated security scanners and configuration monitoring systems (drift detection).
- Proficiency in Python and TypeScript with cloud infrastructure automation.
- Strong communication skills in English to collaborate with cross-functional teams and stakeholders.