Manager, IT Governance, Risk & Compliance

Manager, IT Governance, Risk & Compliance

With a company culture rooted in collaboration, expertise and innovation, we aim to promote progress and inspire our clients, employees, investors and communities to achieve their greatest potential. Our work is the catalyst that helps others achieve their goals. In short, We Enable Possibility℠.

Job Summary

The Manager, IT Governance, Risk & Compliance (GRC) supports the Arch Global Mortgage business by executing governance, risk, and compliance activities related to technology, security, and regulatory obligations. This role serves as a primary execution and coordination point between Arch Global Mortgage stakeholders, Arch technology and security teams, customers, and regulators.

The position focuses on intake, analysis, coordination, and drafting of Arch Global Mortgage-related materials, working in close partnership with the VP, Chief Information Security Officer.

Work Arrangement

This is a fully remote U.S.-based role. Candidates located on the U.S. West Coast are strongly preferred, as the position requires regular overlap with both U.S. stakeholders and the Arch Global Mortgage team in Sydney, Australia.

Key Responsibilities

Request Intake & Coordination

• Serve as a primary point of contact for Arch Global Mortgage originating requests related to technology risk, security controls, customer audits, and regulatory inquiries.
• Interface with international Arch Global Mortgage stakeholders to understand regulatory, customer, and business drivers.
• Triage incoming requests, identify appropriate subject-matter experts, coordinate inputs, and track responses to completion.

Governance, Risk & Compliance Execution

• Draft and prepare regulatory responses, customer communications, and supporting materials for review, refinement, and approval by the CISO.
• Develop background analysis, control narratives, and documentation used to support external responses.
• Create and maintain regulatory-to-control mappings demonstrating alignment between Arch Global Mortgage requirements and Arch technology and security controls.
• Interpret Arch policies, standards, and control frameworks for Arch Global Mortgage-specific use cases and escalate gaps or ambiguities.
• All external regulatory or customer responses are routed through senior leadership rather than independently positioned, particularly during the first 18–24 months.

SOC 2 & Customer Audit Support

• Support relevant SOC 2 engagements and other audit activities by coordinating evidence collection, drafting control descriptions and response inputs, and managing requests from auditors and internal teams.
• This role contributes to execution and preparation but does not independently own audit positioning or conclusions.

Business Continuity & Disaster Recovery

• Maintain working familiarity with business continuity and disaster recovery (BC/DR) concepts relevant to Arch Global Mortgage.
• Support BC/DR governance activities, documentation updates, testing preparation, and related audit, customer, or regulatory requests.

Operational Rhythm & Leadership Enablement

• Partner with the CISO to establish and maintain a calendar of recurring Arch Global Mortgage governance, compliance, and reporting activities.
• Draft metrics, summaries, and artifacts used for senior leadership discussions and board or committee materials.
• Surface risks, control gaps, and areas of uncertainty clearly and promptly to support prioritization decisions.

Qualifications & Experience

• Experience in IT governance, risk, compliance, or security risk management within financial services or insurance.
• Experience working with global or non-U.S. regulated businesses strongly preferred.
• Experience supporting customer audits and third-party risk management (TPRM) programs, particularly with banks or large financial institutions.
• Prior technical background sufficient to understand, assess, and question technology and security controls.
• Strong written communication skills, with experience drafting materials intended for external review.
• Familiarity with SOC 2 and BC/DR concepts required (ownership experience not required).
• Ability to work across time zones; U.S. West Coast preferred but negotiable, with willingness to overlap with Australian (Sydney) business hours.

What Success Looks Like

• Becomes a trusted execution partner to the CISO and a reliable liaison for Arch Global Mortgage stakeholders.
• Regulatory, customer, and audit requests are handled consistently and efficiently.
• High-quality drafts and supporting materials reduce preparation burden on senior leadership.
• Risks and uncertainties are surfaced early, improving predictability and confidence in external engagements.

Required Education & Experience

Required knowledge & skills would typically be acquired through a Bachelor's degree plus 5+ working in IT Audit/ IT Compliance related experience or equivalent combination of education and experience.

Working Conditions/Environment & Physical Demands

• Normal office environment.
• Attendance/Punctuality: Is consistently at work and on time; Ensures work responsibilities are covered when absent.
• Fully remote.

Compensation & Benefits

The base salary range for this position is $120,000 - $200,000/year. Total individual compensation will consider factors like geographic location, scope, qualifications, and business needs. Arch Capital Group Ltd. offers a comprehensive benefits package including medical, dental, vision, 401k with matching, generous PTO, paid holidays, parental leave, student loan assistance, and tuition reimbursement. Explore opportunities to solve complex business problems with talented colleagues.

Key skills/competency

• IT Governance
• Risk Management
• Compliance Frameworks
• Information Security
• Regulatory Affairs
• SOC 2 Audits
• Business Continuity
• Disaster Recovery
• Financial Services
• Third-Party Risk Management