Manager, IT Risk & Compliance

Requisition ID
Position Type
IT & Engineering


Responsible for supporting the Technology division including the development, implementation, and oversight of first line risk management activities such as risk assessments, policies and procedures, monitoring, quality assurance and any associated remediation. Works closely with team members to enhance and further develop quality assurance and quality control programs. Knowledge of enterprise IT operations will help to facilitate working with Information Technology leaders, internal audit and SOX compliance teams.

Job Description

  • Work with IT Infrastructure and Application Development leadership to implement Governance, Risk, and Compliance framework 
  • Develop and oversee Risk Assessments based on PennyMac’s ERM framework
  • Assist with the development of corporate and division policies and procedures necessary to mitigate risks
  • Assist in the development of Quality Assurance (QA) controls testing for IT Infrastructure and Application Development
  • Assist with the development of training requirements for IT related policies, procedures and risk exposures
  • Coordinate monitoring requirements with Internal Audit, and ensure linkage of Risk KPIs to performance evaluation.
  • Develop corporate and division policies necessary to mitigate Risk Assessment and Risk Report exposures
  • Serve as the first line of defense for IT policies, processes, and procedures
  • Support IT Risk & Compliance with the development of presentation materials for various committees and boards
  • Liaise with Internal Audit, second line risk teams, and SOX compliance teams
  • Provide IT related support to the Operations Committee including Risk Reporting, remediation plans, and follow-up on action items
  • Manage the Technology Division’s compliance with Corporate Governance requirements
  • Facilitate risk management feedback loops to ensure a consistent understanding of the development, maintenance, and results of first, second, and third line testing routines
  • Develop clear and concise presentations for executive management
  • Perform other related duties as required and assigned
  • Demonstrate behaviors which are aligned with the organization’s desired culture and values

Ideal Candidate will have the following:

  • Bachelor’s Degree from an accredited college or equivalent work experience.
  • 3+ years of relevant work experience in IT Compliance and Risk or related area. 
  • Strong leadership skills as evidenced by an ability to lead and motivate others, function independently, and prioritize work.
  • Demonstrate knowledge of enterprise IT functions, operations, and associated risks.
  • Strong knowledge of the Software Development Lifecycle and Project Management Lifecycle and processes.
  • Familiarity with risk assessment and management methodologies.
  • Must be highly proficient in Microsoft Excel, Word, and PowerPoint or GSuite equivalents.
  • Must be a team player with strong attention to detail and able to work independently.
  • Proven track record of delivering timely and accurate information in a fast-paced environment.
  • Excellent critical thinking, problem-solving skills, and sound judgment.
  • Strong business acumen and ability to interface with executive management.
  • Excellent communication skills (Written, Verbal).
  • Experience with ServiceNow and JIRA is a plus.

