[Hiring] Senior Director, IT & Security GRC @RealPage

Role Description

This role reports to VP, Technology GRC and Deputy CISO and has accountability for maturing SOX ITGC oversight, establishing a unified Technology Risk, Threat, and Controls Library, and delivering executive-level risk reporting and advisory services. It partners closely with senior leadership, Internal Audit, and business stakeholders to design and operate a scalable, framework-aligned risk and control environment across a complex SaaS ecosystem. The position serves as a strategic advisor to executives, providing clear insight into technology risk posture, emerging threats, and remediation strategies while enabling regulatory compliance (SOX, PCI, SOC, NYDFS) and business objectives.

Responsibilities

• SOX IT General Controls (ITGCs):
  • Partner with control owners (1st LOD) to mature controls, drive automation, and remediate control deficiencies prior to year-end.
  • Monitor compliance of control design and operating effectiveness.
• Technology Risks, Threats & Controls Library:
  • Build, govern, and continuously evolve the enterprise Technology Risk, Threat, and Control Library, mapped to NIST CSF 2.0, COBIT 2019, ISO 27001, MITRE ATT&CK, and applicable regulatory regimes.
  • Establish a unified control taxonomy enabling control rationalization, framework crosswalks, and "test once, satisfy many" efficiencies across SOX, PCI DSS, SOC 1, SOC 2 and NYDFS.
• AI Risk Management:
  • Demonstrated interest or working proficiency in "vibe coding" and AI-assisted development workflows using tools (e.g., Claude Code, Cursor and GitHub Copilot).
  • Hands-on familiarity with leading Large Language Models (LLMs) (e.g., Anthropic Claude, OpenAI GPT-4/5, Google Gemini, Meta Llama, and Mistral).
  • Working knowledge of LLM application patterns — prompt engineering, retrieval-augmented generation (RAG), function/tool calling, agentic workflows, and Model Context Protocol (MCP).
  • Familiarity with the AI/LLM risk landscape, including OWASP Top 10 for LLM Applications, NIST AI RMF, ISO/IEC 42001, MITRE ATLAS, and emerging regulatory expectations.
  • Ability to govern AI responsibly while using it productively leveraging LLMs to accelerate risk assessments, control narratives, policy drafting, audit evidence review, and Board reporting.
• Committee & Board Reporting:
  • Develop and deliver executive ready reporting on technology risk posture, control health, emerging threats, regulatory developments, and remediation progress.
• Advisory Services:
  • Serve as a trusted advisor to IT, Information Security and Engineering on technology risk, control design, and regulatory implications of strategic initiatives.
  • Provide proactive risk and control guidance on architecture decisions, technology investments, third-party engagements, and new product capabilities.
  • Embed risk and control thinking into enterprise programs and strategic pillars.
• Issue & Remediation Management:
  • Own the enterprise technology risk and control issue lifecycle, including identification, root cause analysis, risk rating, remediation planning, tracking, and closure validation.
  • Drive accountability across control owners and remediation owners; escalate aging or critical issues to executive leadership and the Board.
  • Maintain a single enterprise issue register with risk-rated, time-bound action plans and trend reporting for governance forums.
• Risk Assessments:
  • Perform risk assessment on AI agentic solutions.
  • Translate risk assessment outputs into actionable risk treatment plans, control improvements, capital and investment recommendations, and executive risk narratives.

Qualifications

• Bachelor's degree in Business Administration, Accounting, Finance, Operations, Computer Science, Information Technology, Cybersecurity, or a related field; advanced degree (MBA, MS) preferred.
• Minimum 12+ years of progressive experience in technology risk, IT audit, GRC, or information security, with at least 7+ years leading and developing high-performing teams.
• Deep, hands-on expertise across SOX IT General Controls, technology risk management, control design, and the IT audit lifecycle within a complex public company environment.
• Strong understanding on AI risk management with practical experience working with AI solutions.
• Demonstrated experience designing and operating GRC programs aligned to NIST CSF 2.0, COBIT 2019, COSO 2013, ISO 27001, and MITRE ATT&CK.
• Proven track record of executive- and Board-level communication, including authoring risk narratives, committee materials, and Board updates.
• Ability to be a change agent and influence positive outcomes by exercising critical thinking, strategic growth, and a bias toward action.
• Exceptional ability to influence without authority and partner effectively with senior IT, Engineering, Security, Internal Audit, and business leaders.
• Exceptionally strong quantitative and analytical skills, with experience applying formal risk and process improvement practices.
• Excellent leadership, communication, interpersonal, and presentation skills.
• Ability to work extended hours when needed to meet department, audit, and regulatory deadlines.
• Ability to challenge the status quo, go above and beyond, build and maintain trust, and strive for excellence.
• Relevant certifications strongly preferred (e.g., CISA, CRISC, CISM, CISSP, CIA, CGEIT, ISO 42001).
• Preferred 7+ years of experience in the Property Management, Multifamily Housing, SaaS, FinTech, or PropTech industries.

Benefits

• Health, dental, and vision insurance.
• Retirement savings plan with company match.
• Paid time off and holidays.
• Professional development opportunities.
• Performance-based bonus based on position.

Company Description

RealPage provides a competitive salary package along with a comprehensive benefit plan. Compensation may vary depending on your location, qualifications including job-related education, training, experience, licensure, and certification, that could result at a level outside of these ranges. Certain roles are eligible for additional rewards, including annual bonus, and sales incentives depending on the terms of the applicable plan and role as well as individual performance.

Equal Opportunity Employer: RealPage Company is an equal opportunity employer and committed to creating an inclusive environment for all employees.

Pay Range: USD $138,400.00 - USD $235,600.00 /Yr.