Job Description: IT Risk Consulting Director

Job Title: IT Risk Consulting Director
Department: Risk Management / IT Consulting
Reports To: Managing Director / Partner

Position Overview:
The IT Risk Consulting Director is a senior leadership role responsible for delivering strategic guidance to clients on IT risk management, governance, and compliance. This role combines deep technical knowledge with business acumen to help organizations identify, evaluate, and mitigate IT-related risks. The director also leads consulting teams, manages client relationships, and contributes to business development efforts.

Key Responsibilities:

Strategic Leadership:
- Define and implement IT risk management strategies and frameworks for clients.
- Provide executive-level advisory on IT governance, risk, and compliance (GRC).
- Align IT risk initiatives with clients’ broader business objectives and regulatory requirements.

Client Engagement and Delivery:
- Oversee the assessment of IT risks, including cybersecurity, data privacy, cloud security, and third-party risks.
- Develop and deliver tailored recommendations and action plans to mitigate identified risks.
- Ensure high-quality project delivery within scope, timeline, and budget constraints.

Team Leadership and Development:
- Lead and mentor a team of IT risk consultants, fostering a culture of excellence and collaboration.
- Provide coaching and guidance to ensure professional growth and knowledge-sharing within the team.
- Allocate resources effectively across multiple client engagements.

Regulatory and Compliance Advisory:
- Advise clients on compliance with regulatory standards such as GDPR, CCPA, PCI DSS, HIPAA, and SOX.
- Guide clients in implementing frameworks such as COBIT, NIST CSF, ISO 27001, and ITIL.
- Conduct audits and reviews to ensure compliance and recommend remediation strategies.

Business Development:
- Identify opportunities for expanding client engagements and new business opportunities.
- Collaborate with the business development team to create proposals and pitch IT risk solutions.
- Build and maintain strong client relationships to foster long-term partnerships.

Thought Leadership and Innovation:
- Stay current on emerging trends in IT risk, cybersecurity, and compliance.
- Develop thought leadership content, such as whitepapers, articles, and presentations.
- Represent the organization at industry conferences, forums, and events.

Performance Measurement and Reporting:
- Define and track key performance indicators (KPIs) for IT risk initiatives.
- Provide clients with detailed reports on risk assessments, compliance gaps, and progress.
- Ensure clear and consistent communication with stakeholders at all levels.

Qualifications and Skills:

Education and Experience:
- Bachelor’s or Master’s degree in Information Technology, Cybersecurity, Business Administration, or a related field.
- 10 years of experience in IT risk management, with at least 5 years in a leadership or consulting role.

Technical Expertise:
- Strong understanding of IT risk domains, including cybersecurity, data privacy, business continuity, and vendor risk management.
- Experience with risk assessment methodologies, IT audits, and compliance frameworks.
- Knowledge of emerging technologies, such as cloud computing, AI, and IoT, and their associated risks.

Certifications (Preferred):
- Certified Information Systems Auditor (CISA)
- Certified Information Security Manager (CISM)
- Certified in Risk and Information Systems Control (CRISC)
- Certified Information Systems Security Professional (CISSP)
- ITIL or other relevant IT management certifications

Leadership and Interpersonal Skills:
- Proven ability to manage diverse, multidisciplinary teams.
- Strong client relationship and stakeholder management skills.
- Exceptional communication and presentation skills, with experience engaging C-level executives.

Business Acumen:
- Demonstrated ability to balance technical and business priorities effectively.
- Proven success in managing budgets, timelines, and resources in a consulting environment.
- Strong sales and business development capabilities.