
Senior Director, IT & Security GRC
Posted Jun 27

Posted Jun 27
This is a fully remote position, open to applicants in Texas.
• Collaborate with control owners (1st Line of Defense) to enhance controls, drive automation initiatives, and address control deficiencies before year-end.
• Oversee compliance related to control design and operational effectiveness.
• Create, govern, and continuously update the enterprise Technology Risk, Threat, and Control Library, aligned with NIST CSF 2.0, COBIT 2019, ISO 27001, MITRE ATT&CK, and relevant regulatory frameworks.
• Develop a standardized control taxonomy that facilitates control rationalization, cross-framework applications, and "test once, satisfy many" efficiencies across SOX, PCI DSS, SOC 1, SOC 2, and NYDFS.
• Show a keen interest or working capability in "vibe coding" and AI-assisted development processes utilizing tools (e.g., Claude Code, Cursor, and GitHub Copilot).
• Possess hands-on experience with leading Large Language Models (LLMs) (e.g., Anthropic Claude (Opus, Sonnet, Haiku), OpenAI GPT-4/5 and o-series, Google Gemini, Meta Llama, and Mistral).
• Create and present executive-level reports on technology risk posture, control health, emerging threats, regulatory changes, and remediation efforts.
• Act as a trusted advisor to IT, Information Security, and Engineering regarding technology risk, control design, and the regulatory implications of strategic initiatives.
• Bachelor's degree in Business Administration, Accounting, Finance, Operations, Computer Science, Information Technology, Cybersecurity, or a related discipline; advanced degrees (MBA, MS) are preferred.
• At least 12 years of progressive experience in technology risk, IT audit, GRC, or information security, with a minimum of 7 years in leadership roles developing high-performing teams.
• Extensive, hands-on expertise in SOX IT General Controls, technology risk management, control design, and the IT audit lifecycle within a complex public company setting.
• Strong knowledge of AI risk management with practical experience in AI solutions.
• Demonstrated experience in designing and implementing GRC programs in alignment with NIST CSF 2.0, COBIT 2019, COSO 2013, ISO 27001, and MITRE ATT&CK.
• Proven ability to communicate effectively at the executive and Board levels, including drafting risk narratives, committee materials, and Board updates.
• Capacity to act as a change agent and influence favorable outcomes through critical thinking, strategic growth, and a proactive approach.
• Exceptional ability to influence without authority and collaborate effectively with senior IT, Engineering, Security, Internal Audit, and business leaders.
• Strong quantitative and analytical skills, with experience in applying formal risk and process improvement methodologies (e.g., FAIR, NIST 800-30, Lean, Six Sigma).
• Excellent leadership, communication, interpersonal, and presentation skills, capable of navigating from technical details to Board-level strategy.
• Willingness to work extended hours as necessary to meet departmental, audit, and regulatory deadlines.
• Relevant certifications are strongly preferred (e.g., CISA, CRISC, CISM, CISSP, CIA, CGEIT, ISO 42001).
• Preferred 7+ years of experience in the Property Management, Multifamily Housing, SaaS, FinTech, or PropTech sectors.
• Health, dental, and vision insurance.
• Retirement savings plan with company contributions.
• Paid time off and holidays.
• Opportunities for professional development.
• Performance-based bonuses linked to position.
Salesforce
Plurilock
Navitas Business Consulting, Inc.
Foresite Cybersecurity
Get handpicked remote jobs straight to your inbox weekly.