Director of Cybersecurity (PTX51826)

ABOUT REALMANAGE:
RealManage is one of the largest and fastest-growing community association management companies in the United States, serving homeowner associations, condominium communities, master-planned developments, and mixed-use properties nationwide. Our proprietary technology platform, CiraNet, powers every dimension of community operations, from financials and communications to service delivery and compliance, setting the standard for transparent, tech-enabled management. We are entering a transformative chapter, investing aggressively in AI and intelligent automation to redefine how communities are managed at scale.

THE OPPORTUNITY:
We are seeking a Director of Cybersecurity to build and lead RealManage's enterprise security program. This role blends strategic program leadership with hands-on operational ownership, responsible for strengthening our security posture, advancing our compliance maturity, and laying out the roadmap that aligns RealManage to a common, recognized security framework.

You will start as a senior individual contributor, partnering closely with the VP of Cloud Engineering and broader Technology & Product leadership to assess our current state, recommend the right framework direction (such as NIST CSF, ISO 27001, SOC 2, CIS Controls, or a blended approach), and execute the work to get there. As the program matures and the roadmap demands additional capacity, you will hire and lead a growing team.
The right leader is a player-coach who can sit at the executive table one hour and review IAM policies, cloud configurations, or incident playbooks the next. You bring deep operational fluency across cloud security, identity, and incident response, paired with the program-management discipline to drive a multi-year compliance and maturity journey.

WHAT YOU WILL DO:

Security Strategy & Roadmap

• Assess RealManage's current security posture, identify gaps, and recommend the right common framework direction (NIST CSF, ISO 27001, SOC 2, CIS Controls, or a blended approach) to align our program against.
• Build a multi-year cybersecurity roadmap with clearly defined milestones, control objectives, and measurable outcomes.
• Translate framework requirements into prioritized, funded workstreams with executive sponsorship and clear business alignment.
• Establish security policies, standards, and governance structures that scale with RealManage's growth and M&A activity.
• Present security strategy, risk posture, and program progress to the executive leadership team and the Board.

Compliance & Risk Management

• Own RealManage's compliance program, with primary focus on PCI DSS for resident and board payment data and SOC 2 / SOX-style control attestations.
• Lead audit readiness, evidence collection, and remediation across in-scope systems, applications, and third-party processors.
• Build and maintain a risk register, vendor risk management program, and exception process that gives leadership clear visibility into residual risk.
• Establish data protection standards aligned with applicable U.S. state privacy laws and HOA-specific data handling and fiduciary obligations.
• Partner with Legal, Finance, and Internal Audit to ensure security controls integrate cleanly with enterprise risk and compliance functions.

Cloud Security & Platform Hardening

• Drive secure-by-default patterns into the cloud platform in partnership with the VP of Cloud Engineering and platform teams.
• Implement and tune cloud security posture management, vulnerability management, and continuous compliance monitoring.
• Embed security into CI/CD pipelines and SDLC practices without slowing engineering delivery velocity.
• Address emerging risks tied to AI and intelligent automation, including model and data protection, prompt injection, and securing AI agents and service identities in production.

Incident Response & Security Operations

• Build and operate the incident response program, including playbooks, tabletop exercises, on-call rotations, and post-incident review processes.
• Stand up detection and response capabilities, whether fully in-house, through MSSP partnership, or a hybrid model, with clear SLAs and operating metrics.
• Lead threat hunting, log analysis, and continuous monitoring across cloud, endpoint, and SaaS surfaces.
• Serve as the primary point of escalation for security events, coordinating cross-functional response and external notifications when required.

Identity & Access Management

• Lead the enterprise IAM strategy, including SSO, MFA, privileged access management, and zero-trust principles.
• Roll out and continuously improve identity hygiene across employees, contractors, and integrated partners.
• Establish re.ole-based access controls, least-privilege standards, and joiner/mover/leaver processes that satisfy both audit and operational requirements.
• Secure machine identities, service accounts, and AI agent credentials as the platform and its automation footprint scale

Talent, Culture & Awareness

• Start as a hands-on individual contributor, then build, attract, and retain a high-caliber security team as the program and roadmap grow.
• Champion security awareness across the organization, including phishing simulations, role-based training, and clear security guidance for engineering and operations teams.
• Foster a culture where security is a shared responsibility rather than a gate, partnering with engineering, product, and operations teams to make secure choices the easy choices.
• Manage security tooling budgets, vendor relationships, and ROI for the cybersecurity portfolio.

Disclaimer

This description is not intended to be an exhaustive list of duties. The employee may perform other duties as assigned to meet the ongoing needs of the organization. Reasonable accommodations may be made to enable qualified individuals to perform the essential functions of this position

WHAT YOU BRING:
Experience & Track Record

• Must live in Dallas area and able to commute to Plano, TX
• Must be a USA citizen or have proper documentation for work in USA - unable to sponsor
• 10+ years of progressive experience in cybersecurity, with at least 3 to 5 years leading security programs at the manager, director, or principal level.
• Demonstrated success building or significantly maturing a security program in a cloud-native SaaS environment, including framework selection and roadmap execution.
• Hands-on track record taking a company through SOC 2, PCI DSS, ISO 27001, or comparable audit and certification cycles.
• Experience operating as a player-coach: directly executing technical security work while also setting strategy and influencing leadership.
• Background in a services-intensive, operationally complex, or multi-location business is highly valued; property management, real estate services, fintech, or adjacent verticals are a plus.

Technical Depth

• Strong hands-on fluency with cloud security.
• Deep working knowledge of identity and access management patterns, including SSO, SAML/OIDC, MFA, PAM, and zero-trust architectures.
• Practical experience leading incident response, including detection engineering, SIEM and SOAR tuning, threat hunting, and forensics.
• Familiarity with application security, secure SDLC, vulnerability management, and DevSecOps tooling.
• Working knowledge of common control frameworks (NIST CSF, ISO 27001, SOC 2 TSC, CIS Controls) and the practical tradeoffs between them.
• Awareness of emerging AI and ML security considerations, including data protection, model risk, and the security of agentic systems in production.

Leadership & Influence:

• Outstanding executive communication skills with the ability to translate risk and technical concepts into clear business narratives for the C-suite and Board.
• Collaborative, low-ego operator who builds trust with engineering, operations, and business teams and leads through influence in a matrixed environment.
• Calm, decisive presence in incidents and audits, with sound judgment under pressure and a bias toward action.
• Entrepreneurial mindset: comfortable operating in a high-growth, private-equity-backed environment where speed, resourcefulness, and ROI discipline matter.
• Certifications (Preferred, Not Required)
• One or more of CISSP, CISM, CISA, or CCSP.
• Cloud security certifications such as AWS Security Specialty, Azure Security Engineer Associate, or Google Professional Cloud Security Engineer are a plus.

 

WHY REALMANAGE:

• Market leadership: One of the top three HOA management companies in the U.S., named multiple times to the Inc. 500 list of fastest-growing companies.
• Greenfield security mandate: Executive sponsorship and a clean canvas to define the framework, build the program, and shape RealManage's long-term security posture.
• Proprietary platform: CiraNet provides a unified technology foundation, resident data set, and integration surface across the enterprise.
• Executive visibility: This role partners closely with the VP of Cloud Engineering and CTO, and regularly engages the executive leadership team and the Board on risk and compliance matters.
• Real impact: Your work will protect the data and trust of hundreds of community managers, thousands of board members, and hundreds of thousands of residents across the country.

Physical Requirements 
• Ability to sit for prolonged periods at a desk and work on a computer.
• Ability to occasionally stand, walk, bend, or reach as needed.
• Ability to lift or move objects up to 10–15 pounds (e.g., files, office supplies).
• Manual dexterity to operate a computer keyboard, mouse, telephone, and other office equipment.
• Visual acuity to read printed materials, spreadsheets, and computer screens.
• Hearing and speech ability to communicate effectively in person, by phone, and in virtual meetings.
• Ability to work in a standard office environment with moderate noise levels.
• Ability to work a standard schedule, with occasional extended hours as required.

Pay and Benefits:

$175,000 to $190,000, depending on education and experience.

 

Benefits include:

· Medical Insurance

· Dental Insurance

· Vision Insurance

· Life and Disability Insurance

· HSA (Required High-Deductible Medical Plan to be eligible)

· FSA

· Education Reimbursement

· 401K matching

· Employee Assistance Program (EAP)

· 11 paid Holidays