×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Data Security IT Consultant

Technology Risk & Controls Manager

Job in Santa Barbara, Santa Barbara County, California, 93190, USA
Listing for: AppFolio, Inc
Full Time position
Listed on 2026-02-28
Job specializations:
  • IT/Tech
    Cybersecurity, Data Security, IT Consultant
Salary/Wage Range or Industry Benchmark: 114400 USD Yearly USD 114400.00 YEAR
Job Description & How to Apply Below

Finance & Accounting Santa Barbara, California Dallas, Texas San Diego, California Remote - San Francisco, CA

App Folio is more than a company. We’re a community of dreamers, big thinkers, problem solvers, active listeners, and multipliers. At every opportunity, we set the pace while delivering innovation built to carry real estate into the future. One in which every experience feels effortless, yet meaningful. Where customers are empowered to take on any opportunity. We show up as one team, connected by our values to be a force for good.

Because together, we have the power to create extraordinary outcomes for our customers, our communities, and ourselves.

We are seeking a Technology Risk and Controls Manager to drive risk-based assurance for our cloud-native product, engineering practices, and internal tech stack. You’ll be responsible for assessing risk across key domains like payments infrastructure, Software Engineering, and business systems, directly contributing to the continuous improvement of App Folio’s risk and controls environment. In this role, you will execute high-impact advisory engagements and present results to senior leadership.

Your

Impact
  • Strategic Risk Assessment:
    Contribute to the development of the technology risk management strategy by identifying and evaluating emerging threats within our cloud-native infrastructure (AWS/GCP) and agentic AI platforms.
  • Engineering Assurance:
    Assess the effectiveness of automated security checks within our CI/CD pipelines to ensure we maintain "Elite" deployment performance without compromising security. Assess emerging AI-supported development life cycles.
  • Enterprise System Governance:
    Evaluate IT General Controls (ITGCs) and perform control rationalization for our newly implemented Net Suite ERP and Anaplan environments to support ongoing SOX compliance.
  • Emerging Tech Oversight:
    Play a critical role in AI Governance by assessing the internal use of generative and agentic AI tools to mitigate data privacy and compliance risks.
  • Collaborative Partnering:
    Work closely with the CIO organization, CISO, and Engineering leadership to provide practical, data-driven recommendations that improve our security posture and operational efficiency.
  • Data Governance and Privacy Assurance:
    Partner with Data Governance teams to audit data discovery scans, classification efforts, and the protection of sensitive information across structured and unstructured data sources.
Qualifications
  • Experience:

    5 to 8 years of progressive experience in technology audit, IT risk management, or cybersecurity.
  • Public Accounting Rigor:
    Previous experience in a Big 4 or large national accounting firm, with a focus on IT audit or advisory services, is a plus.
  • Environment:
    Direct experience auditing or managing risk in a high-growth SaaS, Fin Tech, or technology-driven environment.
  • Technical Knowledge:
    Familiarity with cloud infrastructure security (AWS/GCP), containerization (Kubernetes), Agentic AI, and modern software development life cycles (SDLC).
  • Technical Control Advisory:
    Experience translating technical control objectives into action-oriented plans that bridge the gap between current and desired state.
  • Financial Systems:
    Experience with cloud-based ERP systems (Net Suite preferred) and automated segregation of duties (SoD) monitoring tools.
  • Education:

    Bachelor’s degree in Management Information Systems, Computer Science, Accounting, or a related field.
Must Haves
  • Certification: CISA (Certified Information Systems Auditor), CISSP, CIA, or AWS Certified Security Specialty.
  • Executive Presence:
    Excellent communication and presentation skills, with the ability to translate complex technical risks into a business context for senior leadership.
  • Professional Skepticism: A proven ability to critically assess the reliability of information and maintain an inquisitive attitude toward automated control environments.
  • Analytical Mindset:
    Demonstrated success in leading complex technical audits across multiple stakeholders and high-volume data environments.
Location

Find out more about our locations by visiting our site.

The compensation that we reasonably expect to pay for this role is: $114,400 -…

To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search