Full Description and Link to Apply

At Enact Mortgage Insurance (Nasdaq: ACT), we understand that there’s no place like home. That’s why we bring our deep expertise, insightful offerings, and extra mile service to work every day to help lenders put more people in homes and keep them there.

We are seeking a Senior Manager, Information Security Assurance, to join our team in Raleigh, NC and help drive our mission forward while upholding our core values of excellence, continuous improvement, and collaboration. In this role, you will lead a team of Information Security professionals and your most important responsibilities will include achieving SOC 2 attestation, addressing external regulatory and customer inquiries, and managing information and cybersecurity risk.

LOCATION
Enact Headquarters, Raleigh, NC – Hybrid Schedule

YOUR RESPONSIBILITIES

Manage the SOC 2 attestation process, including evidence collection.Respond to customer and regulatory requests for security information and audits.

Conduct third-party security risk assessments to evaluate vendor security posture.

Conduct and coordinate internal and external risk assessments.

Oversee security awareness training programs and phishing simulations.

Manage internal and external audit findings, ensuring timely finding remediation.

Maintain and oversee the information security risk register, ensuring timely risk remediation.

Manage information security exceptions, ensuring appropriate risk mitigation strategies.

Lead a team of Information Security professionals in alignment with Enact’s Expectations of People Leaders

Achieve an unqualified SOC 2 attestation against the Security, Confidentiality, and Availability Trust Services Principles.

Address customer and regulatory requests for information, including audits, within established service level agreements.

Partner routinely with technology, risk management, compliance, and internal audit functions to evaluate and manage risk.

YOUR QUALIFICATIONS

A bachelor's degree in information technology, information security, cyber security, or related field

7+ years of experience working in information security or cyber security

5+ years of experience working with SOC 2

Proven leadership and team management skills with a focus on professional/staff development.

In-depth understanding of relevant regulatory and industry standards and requirements including SOX, SOC 2, NY DFS, NIST, and CIS.

Data-driven approach to decision-making and a risk-based mindset to prioritize and address risk.

A clear understanding of the business impact of security and the ability to align security strategies with business objectives.

PREFERRED QUALIFICATIONS

Master’s degree in information technology, information security or business-related fields (e.g. Risk Management or MBA with IT, IS, or Audit concentration).

Practical and relevant experience administering business and technology systems.

Experience automating governance, risk, and compliance workflows.