Senior Director, IT & Security GRC
Employment Information
Report this job
Job expired or something wrong with this job?
Job Description
Senior Director of IT & Security GRC at RealPage overseeing technology risk management and regulatory compliance across a complex SaaS ecosystem.
Responsibilities:
- Partner with control owners (1st LOD) to mature controls, drive automation, and remediate control deficiencies prior to year-end.
- Monitor compliance of control design and operating effectiveness.
- Build, govern, and continuously evolve the enterprise Technology Risk, Threat, and Control Library, mapped to NIST CSF 2.0, COBIT 2019, ISO 27001, MITRE ATT&CK, and applicable regulatory regimes.
- Establish a unified control taxonomy enabling control rationalization, framework crosswalks, and "test once, satisfy many" efficiencies across SOX, PCI DSS, SOC 1, SOC 2 and NYDFS.
- Demonstrated interest or working proficiency in "vibe coding" and AI-assisted development workflows using tools (e.g., Claude Code, Cursor and GitHub Copilot).
- Hands-on familiarity with leading Large Language Models (LLMs) (e.g., Anthropic Claude (Opus, Sonnet, Haiku), OpenAI GPT-4/5 and o-series, Google Gemini, Meta Llama, and Mistral).
- Develop and deliver executive ready reporting on technology risk posture, control health, emerging threats, regulatory developments, and remediation progress.
- Serve as a trusted advisor to IT, Information Security and Engineering on technology risk, control design, and regulatory implications of strategic initiatives.
Requirements:
- Bachelor's degree in Business Administration, Accounting, Finance, Operations, Computer Science, Information Technology, Cybersecurity, or a related field; advanced degree (MBA, MS) preferred.
- Minimum 12+ years of progressive experience in technology risk, IT audit, GRC, or information security, with at least 7+ years leading and developing high-performing teams.
- Deep, hands-on expertise across SOX IT General Controls, technology risk management, control design, and the IT audit lifecycle within a complex public company environment.
- Strong understanding on AI risk management with practical experience working with AI solutions.
- Demonstrated experience designing and operating GRC programs aligned to NIST CSF 2.0, COBIT 2019, COSO 2013, ISO 27001, and MITRE ATT&CK.
- Proven track record of executive- and Board-level communication, including authoring risk narratives, committee materials, and Board updates.
- Ability to be a change agent and influence positive outcomes by exercising critical thinking, strategic growth, and a bias toward action.
- Exceptional ability to influence without authority and partner effectively with senior IT, Engineering, Security, Internal Audit, and business leaders.
- Exceptionally strong quantitative and analytical skills, with experience applying formal risk and process improvement practices (e.g., FAIR, NIST 800-30, Lean, Six Sigma).
- Excellent leadership, communication, interpersonal, and presentation skills, with the ability to operate from technical detail to Board-room strategy.
- Ability to work extended hours when needed to meet department, audit, and regulatory deadlines.
- Relevant certifications strongly preferred (e.g., CISA, CRISC, CISM, CISSP, CIA, CGEIT, ISO 42001).
- Preferred 7+ years of experience in the Property Management, Multifamily Housing, SaaS, FinTech, or PropTech industries.
Benefits:
- Health, dental, and vision insurance.
- Retirement savings plan with company match.
- Paid time off and holidays.
- Professional development opportunities.
- Performance-based bonus based on position.
Similar Jobs
Security Engineer
Security Engineer at Level Access ensuring the most secure digital accessibility practices. Involves security alert triage, vulnerability management, and operational efficiency through AI tools.
Security Engineer
Security Engineer at Level Access focusing on securing digital accessibility through alerts, automation, and compliance. Collaborating with stakeholders to manage vulnerabilities and enhance security awareness.
Security L2 Technical Support Team Lead
Security L2 Technical Support Team Lead at Genea providing technical support and team development. Overseeing operational efficiency and complex service cases in the physical security domain.
Security Engineer
Security Engineer at Soteria providing specialized cybersecurity assessments and advisory services. Communicating with clients to align security strategies with business objectives while maintaining strong professional relationships.
Information Systems Security Officer
Information Systems Security Officer ensuring security and integrity of information systems at Paragone Solutions, Inc. Responsible for implementing and maintaining security policies and controls.
Information Security Architect – Endpoints, Servers
Information Security Architect at Jabil responsible for IT architecture, design, and implementation approaches. Leading security projects and providing oversight for customer connections in a multicultural environment.
Security Engineer – FedRAMP
Security Engineer providing technical expertise on Security control implementations and development of Information Security procedures for Valiant Solutions. Contributing to FedRAMP compliance and analysis of vendor solutions.
Senior SailPoint App Security Specialist
Senior SailPoint App Security Specialist managing identity solutions within international projects for IRIUM. Ensuring security and integrity of corporate applications with a remote working model.
SAILPOINT App Security Specialist
SailPoint App Security Specialist managing identity solutions for corporate applications. Ensuring security and integrity while working fully remotely in Spain.
Security Consultant – Staff
Security Consultant providing security leadership across application modernization and database migration. Establishing compliance standards and guiding technical teams in security best practices.
Security Brand Program Manager
Security Brand Program Manager implementing security initiatives and promoting a security culture at Jamf. Collaborating with cross-functional teams to strengthen security values for Apple customers worldwide.
Cybersecurity Engineer
Cybersecurity Engineer responsible for designing and implementing secure solutions at Apollo Information Systems. Working remotely, collaborating with teams to enhance cybersecurity for clients.
Cybersecurity Advisor II
Cybersecurity Advisor II developing business-aware security strategies for clients and guiding compliance efforts. Engaging in long-term advisory relationships with strong focus on business outcomes.
Cybersecurity Engineer
Cyber Security Engineer enhancing security posture and automating protection in healthcare settings. Responsibilities include incident response and vulnerability management across IT environments.
Security & Compliance Engineer
Security & Compliance Engineer improving operational security for SaaS products at Grant Street Group. Focused on vulnerability management and compliance in AWS and Linux environments.
Business Information Security Officer
Business Information Security Officer at Blip Global facilitating communication between security and product teams. Engaging deeply in product cycles and technical discussions for effective security integration.
Information Security Compliance Associate
Information Security Compliance Associate maintaining compliance and security documentation for Case IQ. Supporting internal and external audits while collaborating with IT and Security teams.
Learning Facilitator – Security and Property Protection – m/f/d
Trainer:in at WBS TRAINING focusing on competency development in security education. Conducting lessons and supporting learners in their professional growth.
Principal Cloud Security Architect – Azure
Cloud Security Architect at Tamnoon engaging with customers and remediating cloud vulnerabilities. Collaborating with teams to enhance security practices and share technical knowledge.
Associate Architect, SAP Security, Threat Mitigation
Associate Architect supporting Rimini Protect! Security Services to research threats and vulnerabilities. Collaborating closely with team and Client Success Managers to enhance ERP solution security.