Remotery

Senior Director, IT & Security GRC

Posted Jun 27

This is a fully remote position, open to applicants in Texas.

📋 Description

• Collaborate with control owners (1st Line of Defense) to enhance controls, drive automation initiatives, and address control deficiencies before year-end.

• Oversee compliance related to control design and operational effectiveness.

• Create, govern, and continuously update the enterprise Technology Risk, Threat, and Control Library, aligned with NIST CSF 2.0, COBIT 2019, ISO 27001, MITRE ATT&CK, and relevant regulatory frameworks.

• Develop a standardized control taxonomy that facilitates control rationalization, cross-framework applications, and "test once, satisfy many" efficiencies across SOX, PCI DSS, SOC 1, SOC 2, and NYDFS.

• Show a keen interest or working capability in "vibe coding" and AI-assisted development processes utilizing tools (e.g., Claude Code, Cursor, and GitHub Copilot).

• Possess hands-on experience with leading Large Language Models (LLMs) (e.g., Anthropic Claude (Opus, Sonnet, Haiku), OpenAI GPT-4/5 and o-series, Google Gemini, Meta Llama, and Mistral).

• Create and present executive-level reports on technology risk posture, control health, emerging threats, regulatory changes, and remediation efforts.

• Act as a trusted advisor to IT, Information Security, and Engineering regarding technology risk, control design, and the regulatory implications of strategic initiatives.


⛳️ Requirements

• Bachelor's degree in Business Administration, Accounting, Finance, Operations, Computer Science, Information Technology, Cybersecurity, or a related discipline; advanced degrees (MBA, MS) are preferred.

• At least 12 years of progressive experience in technology risk, IT audit, GRC, or information security, with a minimum of 7 years in leadership roles developing high-performing teams.

• Extensive, hands-on expertise in SOX IT General Controls, technology risk management, control design, and the IT audit lifecycle within a complex public company setting.

• Strong knowledge of AI risk management with practical experience in AI solutions.

• Demonstrated experience in designing and implementing GRC programs in alignment with NIST CSF 2.0, COBIT 2019, COSO 2013, ISO 27001, and MITRE ATT&CK.

• Proven ability to communicate effectively at the executive and Board levels, including drafting risk narratives, committee materials, and Board updates.

• Capacity to act as a change agent and influence favorable outcomes through critical thinking, strategic growth, and a proactive approach.

• Exceptional ability to influence without authority and collaborate effectively with senior IT, Engineering, Security, Internal Audit, and business leaders.

• Strong quantitative and analytical skills, with experience in applying formal risk and process improvement methodologies (e.g., FAIR, NIST 800-30, Lean, Six Sigma).

• Excellent leadership, communication, interpersonal, and presentation skills, capable of navigating from technical details to Board-level strategy.

• Willingness to work extended hours as necessary to meet departmental, audit, and regulatory deadlines.

• Relevant certifications are strongly preferred (e.g., CISA, CRISC, CISM, CISSP, CIA, CGEIT, ISO 42001).

• Preferred 7+ years of experience in the Property Management, Multifamily Housing, SaaS, FinTech, or PropTech sectors.


🏝️ Benefits

• Health, dental, and vision insurance.

• Retirement savings plan with company contributions.

• Paid time off and holidays.

• Opportunities for professional development.

• Performance-based bonuses linked to position.

People also viewed

Salesforce1 day ago

Security Practices Director

US flagColorado, +4 more statesFull-timeCybersecurity / Security Engineer$171.2k – $273k/year
ApplyView job
Plurilock1 day ago

Endpoint Security Engineer – Carbon Black, Symantec

US flagNew Jersey OnlyFreelanceCybersecurity / Security Engineer
ApplyView job
Navitas Business Consulting, Inc.1 day ago

Security & Endpoint Engineer

IN flagIndia OnlyFull-timeCybersecurity / Security Engineer
ApplyView job
Foresite Cybersecurity2 days ago

Offensive Security Engineer, Horizon3.ai NodeZero

US flagUnited States OnlyFull-timeCybersecurity / Security Engineer
ApplyView job
Authentic82 days ago

Red Team Engineer – Offensive Security Lead

US flagUnited States OnlyFull-timeCybersecurity / Security Engineer$150k – $175k/year
ApplyView job
MazeJul 5

Security Research Lead

EuropeFull-timeCybersecurity / Security Engineer
ApplyView job

Never miss a great job!

Get handpicked remote jobs straight to your inbox weekly.

Trusted by 7,400+ designers