Manager IT Governance, Risk, & Compliance (GRC) - Hybrid, Greensboro

Greensboro, NC, United States

With a company culture rooted in collaboration, expertise and innovation, we aim to promote progress and inspire our clients, employees, investors and communities to achieve their greatest potential. Our work is the catalyst that helps others achieve their goals. In short, We Enable Possibility℠.

Job Summary

The Manager, IT Governance, Risk, and Compliance will provide oversight, delivery, and execution of IT Security & Compliance processes for Arch MI, working closely with IT and business management, individual contributors and customers. This person will be the point of contact for all information security and compliance related activities, including leading IT control assessments (SOX, SOC 2, etc.), managing delivery of customer information security due diligence reviews, and monitoring IT internal control commitments.

This is a hybrid role, in office twice a week, in our Greensboro office.

Responsibilities

  • Oversee the delivery of staff assignments and responsibilities within the IT Security and Compliance function.
  • Support the execution and review of SOX and SOC 2 engagements. 
  • Manage requests from customers and state agencies relating to security assessments of Arch MI and its associated infrastructure. 
  • Deliver regular reporting and metrics to IT management.
  • Provide advisory support and education relating to IT security initiatives, compliance requirements, and best practices.
  • Monitor remediation efforts of IT risk-related findings and process improvement initiatives.
  • Coordinate maintenance of and revision to policies, standards, guidelines and procedures.
  • Support BCP and DR program management through leading semi-annual DR exercises, annual business continuity tests, updates to the BC/GRC platform, and maintenance of documented plans.

Knowledge & Skills

  • Experience supporting the execution of IT control audits such as Sarbanes-Oxley, PCI-DSS, ISO 27001, SOC 1 / SOC 2 engagements.
  • A thorough understanding of the relationship between risks and controls, technology, and key business processes.
  • Understanding of business continuity and disaster recovery concepts and generally accepted best practices.
  • General knowledge and understanding of cloud services and associated risks.
  • Excellent interpersonal skills; able to work independently and as a key contributor in a team environment.
  • Excellent analytical and problem-solving abilities; process-oriented.
  • Excellent written and oral communication skills.

Education & Experience

  • Required knowledge & skills would typically be acquired through a Bachelor's degree plus 5+ years of IT Audit / IT Compliance related experience, or an equivalent combination of education and experience.
  • Preferred: an industry-recognized certification, or working to complete such a certification (e.g., CISSP, CISA, CISM, CCSP).

Do you like solving complex business problems, working with talented colleagues and have an innovative mindset? Arch may be a great fit for you. If this job isn’t the right fit but you’re interested in working for Arch, create a job alert! Simply create an account and opt in to receive emails when we have job openings that meet your criteria. Join our talent community to share your preferences directly with Arch’s Talent Acquisition team.

14500 Arch U.S. MI Services Inc.

Tags: Audits CCSP CISA CISM CISSP Cloud Compliance Governance ISO 27001 Security assessment SOC SOC 1 SOC 2 SOX

Region: North America
Country: United States
