GRC Risk Manager

This is a high-impact individual contributor role for a deeply technical risk specialist who thrives in complexity and change, operating with a high degree of autonomy as a trusted advisor.

As part of the Enterprise Security team, the role shapes how enterprise security risk is identified and articulated across the business and global supply chain, translating technical risk into clear outcomes and enabling confident, data-informed decisions—a rare opportunity to influence risk at scale across a global organizations!

Key Responsibilities:

• Own and evolve security risk and assurance activities, ensuring high-quality articulation and tracking in ServiceNow IRM, and acting as an SME to guide and assure team outputs
• Lead supply-chain cyber risk assurance engagements end-to-end, from tiering and assessments through to ongoing assurance
• Run post-incident reviews, policy exception management and control assurance driving systemic improvements and measurable risk reduction
• Partner across Security, Technology, Legal, Procurement and the wider business to influence decisions and drive positive security outcomes

Required Skills and Experience :

• Deep expertise in technical security risk management and frameworks such as ISO 27001 or NIST
• Demonstrable experience leading high-impact risk assessments and third-party risk programmes in fast-paced environments
• Strong analytical capability, using data and metrics to drive prioritization and decision-making
• Exceptional interpersonal skills, with the ability to influence and challenge skillfully at all levels
• Highly autonomous, outcome-focused, and comfortable owning evolving problem spaces end-to-end

Nice to Have

• Semiconductor industry experience highly desirable, with an understanding of its technologies, supply chains, and risk landscape
• Certifications such as CRISC, CISM, CISSP or FAIR
• Experience with ServiceNow IRM and scaling GRC processes through automation or AI

In Return:

This role offers a competitive salary and benefits package, alongside the opportunity to join Arm's diverse community of collaborators to help shape an AI-enabled and highly efficient GRC function while working with evolving technologies, solving sophisticated challenges and delivering meaningful impact.

Accommodations at Arm

At Arm, we want to build extraordinary teams. If you need an adjustment or an accommodation during the recruitment process, please email accommodations@arm.com. To note, by sending us the requested information, you consent to its use by Arm to arrange for appropriate accommodations. All accommodation or adjustment requests will be treated with confidentiality, and information concerning these requests will only be disclosed as necessary to provide the accommodation. Although this is not an exhaustive list, examples of support include breaks between interviews, having documents read aloud, or office accessibility. Please email us about anything we can do to accommodate you during the recruitment process.

Hybrid Working at Arm

Arm’s approach to hybrid working is designed to create a working environment that supports both high performance and personal wellbeing. We believe in bringing people together face to face to enable us to work at pace, whilst recognizing the value of flexibility. Within that framework, we empower groups/teams to determine their own hybrid working patterns, depending on the work and the team’s needs. Details of what this means for each role will be shared upon application. In some cases, the flexibility we can offer is limited by local legal, regulatory, tax, or other considerations, and where this is the case, we will collaborate with you to find the best solution. Please talk to us to find out more about what this could look like for you.

Equal Opportunities at Arm

Arm is an equal opportunity employer, committed to providing an environment of mutual respect where equal opportunities are available to all applicants and colleagues. We are a diverse organization of dedicated and innovative individuals, and don’t discriminate on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.