Senior Director, IT & Security GRC
Listed on 2026-05-30
IT/Tech
Cybersecurity, Data Security
Overview
This role reports to the VP, Technology GRC and Deputy CISO and has accountability for maturing SOX ITGC oversight, establishing a unified Technology Risk, Threat, and Controls Library, and delivering executive-level risk reporting and advisory services. It partners closely with senior leadership, Internal Audit, and business stakeholders to design and operate a scalable, framework-aligned risk and control environment across a complex SaaS ecosystem.
The position serves as a strategic advisor to executives, providing clear insight into technology risk posture, emerging threats, and remediation strategies while enabling regulatory compliance (SOX, PCI, SOC, NYDFS) and business objectives.
Responsibilities
SOX IT General Controls (ITGCs)
- Partner with control owners (1st LOD) to mature controls, drive automation, and remediate control deficiencies prior to year-end.
- Monitor compliance of control design and operating effectiveness.
Technology Risks, Threats & Controls Library
- Build, govern, and continuously evolve the enterprise Technology Risk, Threat, and Control Library, mapped to NIST CSF 2.0, COBIT 2019, ISO 27001, MITRE ATT&CK, and applicable regulatory regimes.
- Establish a unified control taxonomy enabling control rationalization, framework crosswalks, and "test once, satisfy many" efficiencies across SOX, PCI DSS, SOC 1, SOC 2 and NYDFS.
AI Risk Management
- Demonstrated interest or working proficiency in "vibe coding" and AI-assisted development workflows using tools (e.g., Claude Code, Cursor and GitHub Copilot), sufficient to prototype control automations, evidence collectors, and governance tooling without dependence on the engineering backlog.
- Hands-on familiarity with leading Large Language Models (LLMs) (e.g., Anthropic Claude (Opus, Sonnet, Haiku), OpenAI GPT-4/5 and o-series, Google Gemini, Meta Llama, and Mistral), with a practical understanding of model selection trade-offs (reasoning depth, context window, cost, latency, data residency).
- Working knowledge of LLM application patterns (prompt engineering, retrieval-augmented generation (RAG), function/tool calling, agentic workflows, and Model Context Protocol (MCP)) and the associated risk, control, and governance implications.
- Familiarity with the AI/LLM risk landscape, including OWASP Top 10 for LLM Applications, NIST AI RMF, ISO/IEC 42001, MITRE ATLAS, and emerging regulatory expectations (EU AI Act, NYDFS AI guidance, state-level AI laws).
- Ability to govern AI responsibly while using it productively, leveraging LLMs to accelerate risk assessments, control narratives, policy drafting, audit evidence review, and Board reporting while maintaining accuracy, confidentiality, and IP boundaries.
Committee & Board Reporting
- Develop and deliver executive-ready reporting on technology risk posture, control health, emerging threats, regulatory developments, and remediation progress.
Advisory Services
- Serve as a trusted advisor to IT, Information Security and Engineering on technology risk, control design, and regulatory implications of strategic initiatives, including AI/ML, cloud transformation, M&A, and platform migrations.
- Provide proactive risk and control guidance on architecture decisions, technology investments, third-party engagements, and new product capabilities.
- Embed risk and control thinking into enterprise programs and strategic pillars (Innovate, Expand, Protect, Transform), shaping outcomes earlier in the lifecycle.
Issue & Remediation Management
- Own the enterprise technology risk and control issue lifecycle, including identification, root cause analysis, risk rating, remediation planning, tracking, and closure validation.
- Drive accountability across control owners and remediation owners; accelerate aging or critical issues to executive leadership and the Board with clear paths to resolution.
- Maintain a single enterprise issue register with risk-rated, time-bound action plans and trend reporting for governance forums.
Risk Assessments
- Perform risk assessments on AI agentic solutions.
- Translate risk assessment outputs into actionable risk treatment plans, control improvements, capital and investment recommendations, and executive risk narratives.
R…