Governance Risk Compliance Jobs in Rochester, NY

Are you interested in improving the cyber and organizational risk profiles of leading companies? Do you want to build the data foundations that power the next generation of AI-enabled cyber defense?

If yes, then Deloitte's Cyber team could be the place for you.

We are looking for a hands-on Data Engineer to build and operate the governed data foundations powering cyber risk, compliance evidence, and agentic AI-enabled cyber workflows. You will design production-grade pipelines and services that support risk reporting, continuous controls monitoring, and AI-assisted security operations-built with strong governance, lineage, privacy-by-design, and audit-ready evidence.

This role is ideal for engineers who can bridge modern data engineering and software development with Governance, Risk, and Compliance (GRC) expectations in regulated enterprise environments.

Recruiting for this role ends on 12/31/2026.

Work you'll do

As a Senior Consultant, Strategy, Growth and Transformation on the Cyber team, you will be responsible for:

• Building scalable batch and stream processing pipelines that ingest security telemetry, control evidence, and compliance artifacts into governed data stores.
• Designing data models for risk and controls domains, including key risk indicators, issues and defects, risk acceptance, control testing outcomes, audit evidence, and policy exceptions, and enabling self-service analytics and dashboards.
• Implementing data quality checks, lineage, metadata, and access controls to support auditability, regulatory defensibility, and repeatable evidence generation.
• Developing AI-enabled capabilities that accelerate governance, risk, and compliance and cyber operations, including evidence summarization, control testing assist, policy question-and-answer, investigation copilots, ticket triage, and exception reasoning using agentic patterns, workflow orchestration, and retrieval-augmented generation.
• Engineering integrations between data platforms, governance, risk, and compliance workflows, and enterprise systems using application programming interfaces, event patterns, and connectors, with observability and runbooks for production support.
• Partnering with Cyber, Risk, Compliance, Privacy, and Legal stakeholders to translate requirements into implementable controls and developer-ready guardrails.

A successful candidate would possess these skills:

• Ability to work independently and collaborate as part of a team
• Effective written and verbal communication skills
• Meticulous attention to detail and quality of work product
• Ability to build and sustain professional relationships
• Ability to lead projects or workstreams
• Ability to manage and prioritize multiple tasks in a fast-paced and dynamic environment
• Strong interpersonal skills and professional demeanor
• Ability to meet deadlines
• Ability to provide clear guidance to others

The team

You will join a cyber engineering team focused on enabling resilient, secure, and compliant operations through modern data platforms and AI-enabled automation. The team builds repeatable assets-reference architectures, accelerators, and governance patterns-to help clients modernize and scale cyber and GRC programs.

Qualifications

Required:

• Bachelor's degree or equivalent practical experience.
• 4+ years of experience in data engineering and software development using Python and SQL.
• Experience building production data pipelines and data models for batch processing, stream processing, or both, and deploying solutions using cloud platforms, containers, infrastructure as code, application programming interfaces, and secrets management.
• Experience implementing data governance controls including data classification, personally identifiable information handling, least-privilege access, encryption, secrets management, retention, audit logging, and lineage or metadata management.
• Experience supporting governance, risk, and compliance workflows, including risk reporting, audit data requests, controls monitoring, controls testing, compliance metrics, governance, risk, and compliance tool integrations, and large language model-enabled applications using retrieval-augmented generation, vector or hybrid retrieval, tool or function calling, evaluation or monitoring, prompt-injection defenses, and secure access patterns.
• Ability to travel 0-25%, on average, based on the work you do and the clients and industries/sectors you serve.
• Limited immigration sponsorship may be available.

Preferred:

• Experience in consulting or a Big 4 environment.
• Experience with Java, Go, or JavaScript.
• Experience integrating with ServiceNow GRC, Archer, OneTrust, or BigID and building evidence pipelines mapped to control objectives.
• Experience building pipelines for security information and event management, security orchestration, automation, and response, vulnerability, identity, or cloud security posture data.
• Experience operationalizing large language model operations or machine learning operations capabilities, including evaluation, monitoring, versioning, and governance workflows.
• Security certification such as CompTIA Security+, Certified Information Security Manager, Certified Information Systems Auditor, Certified Information Systems Security Professional, or a cloud certification.

The wage range for this role takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; and other business and organizational needs. The disclosed range estimate has not been adjusted for the applicable geographic differential associated with the location at which the position may be filled. At Deloitte, it is not typical for an individual to be hired at or near the top of the range for their role and compensation decisions are dependent on the facts and circumstances of each case. A reasonable estimate of the current range is $105,400 to $207,800.

You may also be eligible to participate in a discretionary annual incentive program, subject to the rules governing the program, whereby an award, if any, depends on various factors, including, without limitation, individual and organizational performance.

Are you interested in improving the cyber and organizational risk profiles of leading companies? Do you want to build the data foundations that power the next generation of AI-enabled cyber defense?

If yes, then Deloitte's Cyber team could be the place for you.

We are looking for a hands-on Data Engineer to build and operate the governed data foundations powering cyber risk, compliance evidence, and agentic AI-enabled cyber workflows. You will design production-grade pipelines and services that support risk reporting, continuous controls monitoring, and AI-assisted security operations-built with strong governance, lineage, privacy-by-design, and audit-ready evidence.

This role is ideal for engineers who can bridge modern data engineering and software development with Governance, Risk, and Compliance (GRC) expectations in regulated enterprise environments.

Recruiting for this role ends on 12/31/2026.

Work you'll do

As a Senior Consultant, Strategy, Growth and Transformation on the Cyber team, you will be responsible for:

• Building scalable batch and stream processing pipelines that ingest security telemetry, control evidence, and compliance artifacts into governed data stores.
• Designing data models for risk and controls domains, including key risk indicators, issues and defects, risk acceptance, control testing outcomes, audit evidence, and policy exceptions, and enabling self-service analytics and dashboards.
• Implementing data quality checks, lineage, metadata, and access controls to support auditability, regulatory defensibility, and repeatable evidence generation.
• Developing AI-enabled capabilities that accelerate governance, risk, and compliance and cyber operations, including evidence summarization, control testing assist, policy question-and-answer, investigation copilots, ticket triage, and exception reasoning using agentic patterns, workflow orchestration, and retrieval-augmented generation.
• Engineering integrations between data platforms, governance, risk, and compliance workflows, and enterprise systems using application programming interfaces, event patterns, and connectors, with observability and runbooks for production support.
• Partnering with Cyber, Risk, Compliance, Privacy, and Legal stakeholders to translate requirements into implementable controls and developer-ready guardrails.

A successful candidate would possess these skills:

• Ability to work independently and collaborate as part of a team
• Effective written and verbal communication skills
• Meticulous attention to detail and quality of work product
• Ability to build and sustain professional relationships
• Ability to lead projects or workstreams
• Ability to manage and prioritize multiple tasks in a fast-paced and dynamic environment
• Strong interpersonal skills and professional demeanor
• Ability to meet deadlines
• Ability to provide clear guidance to others

The team

You will join a cyber engineering team focused on enabling resilient, secure, and compliant operations through modern data platforms and AI-enabled automation. The team builds repeatable assets-reference architectures, accelerators, and governance patterns-to help clients modernize and scale cyber and GRC programs.

Qualifications

Required:

• Bachelor's degree or equivalent practical experience.
• 4+ years of experience in data engineering and software development using Python and SQL.
• Experience building production data pipelines and data models for batch processing, stream processing, or both, and deploying solutions using cloud platforms, containers, infrastructure as code, application programming interfaces, and secrets management.
• Experience implementing data governance controls including data classification, personally identifiable information handling, least-privilege access, encryption, secrets management, retention, audit logging, and lineage or metadata management.
• Experience supporting governance, risk, and compliance workflows, including risk reporting, audit data requests, controls monitoring, controls testing, compliance metrics, governance, risk, and compliance tool integrations, and large language model-enabled applications using retrieval-augmented generation, vector or hybrid retrieval, tool or function calling, evaluation or monitoring, prompt-injection defenses, and secure access patterns.
• Ability to travel 0-25%, on average, based on the work you do and the clients and industries/sectors you serve.
• Limited immigration sponsorship may be available.

Preferred:

• Experience in consulting or a Big 4 environment.
• Experience with Java, Go, or JavaScript.
• Experience integrating with ServiceNow GRC, Archer, OneTrust, or BigID and building evidence pipelines mapped to control objectives.
• Experience building pipelines for security information and event management, security orchestration, automation, and response, vulnerability, identity, or cloud security posture data.
• Experience operationalizing large language model operations or machine learning operations capabilities, including evaluation, monitoring, versioning, and governance workflows.
• Security certification such as CompTIA Security+, Certified Information Security Manager, Certified Information Systems Auditor, Certified Information Systems Security Professional, or a cloud certification.

The wage range for this role takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; and other business and organizational needs. The disclosed range estimate has not been adjusted for the applicable geographic differential associated with the location at which the position may be filled. At Deloitte, it is not typical for an individual to be hired at or near the top of the range for their role and compensation decisions are dependent on the facts and circumstances of each case. A reasonable estimate of the current range is $105,400 to $207,800.

You may also be eligible to participate in a discretionary annual incentive program, subject to the rules governing the program, whereby an award, if any, depends on various factors, including, without limitation, individual and organizational performance.