Manager, IT Compliance - Remote, East Coast (Raleigh, Jersey City or New York City preferred)
Arch Capital Group•Raleigh, NC
•Remote
About The Position
The Manager, IT Compliance, working closely with the CISO and Director of IT Security, will provide management, leadership, and delivery of the compliance function, liaising closely with other IT and business stakeholders. He/she will be the main point of contact for all IT Compliance related activities including leading/coordinating IT control assessment activities (SOX, SOC 2, etc.) and customer information security due diligence reviews.
Requirements
- 5 + years of combined experience in the fields of Information Systems audit, IT security, IT governance, IT risk & IT compliance
- In-depth knowledge and experience with Sarbanes-Oxley, PCI-DSS, ISO 27001, SOC 2 and the NYDFS Cybersecurity Regulation.
- Working Knowledge of Windows Operating System and Active Directory Security including Users and Groups, Group Policy, Domain Structures, Security and Auditing.
- Working knowledge of agile development methodology.
- Working knowledge of DevOps practices and technologies.
- Desire to measure and continuously improve in all areas and facets.
- Demonstrated ability to balance short term tactical wins with longer-term strategic solutions.
- Transformative mindset and experience operating as a change agent.
Nice To Haves
- 8 + years of combined experience in the fields of Information Systems audit, IT security, IT risk, & IT compliance.
- CISSP, CISA, CISM, or CCSK Certifications.
- Excellent oral and written communication skills with the ability to communicate technical concepts to a technical and non-technical audience.
- Demonstrated ability to establish relationships and build rapport to influence colleagues at all levels, uncover business issues, and identify needs.
- Experience in a highly regulated industry, such as insurance and/or financial services.
- Some knowledge of and understanding of how to create/execute SQL queries, and scripts using Python and PowerShell.
Responsibilities
- Work with IT process owners to identify/improve and document detailed controls for key application, security, and infrastructure components.
- Provide on-going organization wide guidance on IT control requirements and impact.
- Facilitate requests between control owners and Internal/external audit teams and be the main point of contact with the Internal and External Audit teams.
- Manage and report on IT control gaps, track issues to completion, and provide recommendations for improvements.
- Lead in the design and implementation of efficient and effective controls within the organization.
- Participate in data privacy governance related activities such as data mapping and data privacy assessments.
- Manage the response for IT-related customer security assessments.
- Proactively identify IT control gaps with a focus on automating control reviews wherever possible.
- Manage access recertification process.
Benefits
- Multiple medical plans plus dental, vision and prescription drug coverage
- Competitive 401k with generous matching
- PTO beginning at 20 days per year
- Up to 12 paid company holidays per year
- 2 paid days of Volunteer Time Offer
- Basic Life and AD&D Insurance
- Short and Long-Term Disability
- Paid Parental Leave of up to 10 weeks
- Student Loan Assistance
- Tuition Reimbursement
- Backup Child and Elder Care
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
Upload and Match Resume
What This Job Offers
Job Type
Full-time
Career Level
Manager
Education Level
No Education Listed
