Director - Risk Advisory (Cybersecurity & Privacy) (NY)

From the beginning, our goal was to establish an advisory firm that stands apart from the rest – one that is grounded in our Core Values and dedicated to creating a positive experience not just for our clients, but for our people too. We firmly believe in the strength of collaboration, enthusiasm, generosity, and perseverance as the driving forces behind our success. With advisory solutions spanning accounting and risk, technology-enabled transformation, and transactions, we partner with our clients to solve today’s challenges and deliver present and future value.

Our commitment to our people has earned us numerous awards including Inc5000's Fastest Growing Companies and Glassdoor's Best Places to Work. Explore what our employees have to say about our unique culture by clicking here.

By joining our rapidly growing New York Region Risk Advisory practice, you will serve as a trusted partner to our clients. You’ll bring your first-hand experience, unique perspectives, and functional knowledge to deliver tailored integrated solutions that help our clients solve today's challenges and set the foundation for future success. As a Director at CrossCountry Consulting you will be responsible for a mix of client delivery, business development, leading teams and developing junior team members, as well as serving as a member of CrossCountry’s leadership team.

In this role, you will drive positive impacts through the design, build, execution, and assessment of risk programs across cyber, privacy, and data protection. We are looking for self-starters who enjoy learning and staying current with industry trends and technologies, excel at team leadership and mentorship, and are eager to help our clients strategically solve complex risk challenges. 

• Provide hands-on project leadership and apply specialized knowledge across a diverse range of engagements spanning:
• Cybersecurity Assessment & Strategy: Cyber maturity assessments and roadmaps; risk assessments; operating models; executive advisory
• Resilience: Incident Response, Business Continuity, and Disaster Recovery planning; tabletop exercise design and facilitation
• Third Party Risk Management: TPRM program assessments; TPRM program designs (processes, tooling); vendor risk assessments
• Data Security & Privacy: Privacy program assessments; data protection plans and roadmaps; privacy and data security tool/technology implementation
• Regulatory Compliance: Regulatory mapping and horizon scanning; compliance readiness and remediation activities; exam and reporting support
• Reporting & Metrics: KPI and KRI development; automation and operations; dashboards and reporting; risk appetite analysis

• Serve as a cybersecurity subject matter expert for other CrossCountry teams as they deliver client engagements
• Provide senior account and project-level leadership that ensures exceptional delivery quality, exceeds client expectations, nurtures client relationships, and creates expansion opportunities
• Deliver high-quality consulting services by taking personal ownership of client engagements, ensuring that deliverables are practical and impactful
• Share technical expertise by authoring thought leadership materials such as case studies, white papers, and learning materials, and represent CrossCountry at industry events
• Oversee teams and individuals, monitor and guide performance in alignment with objectives, and promptly address issues, risks, and conflicts as they arise
• Drive the strategic direction of the practice by actively monitoring industry trends, identifying emerging opportunities, and creating new services and solutions that meet market needs
• Actively contribute to talent acquisition and retention efforts, participating in attracting, interviewing, and hiring top talent who embody our core values
• Lead business development efforts and market a full range of services to prospective clients including using existing relationships to generate new opportunities

• 12+ years of experience advising public companies, specializing in cybersecurity-driven IT strategy and governance, risk assessment, audit, privacy, and data protection
• Expertise on systems pre- and post-implementation reviews, third-party risk management, systems development life cycle controls assessment, data analytics, disaster recovery planning, regulatory compliance, and IT project risk management, with a focus on building resilient, secure IT environments aligned with regulatory and operational standards
• Experience with the major cybersecurity, technology, and operational risk frameworks and standards such as NIST CSF, CRI Cybersecurity Profile, CSA Cloud Controls, ISO 27000 series, COBIT, and Basel Operational Risk Principles
• Professional services experience in a client-facing role at an accounting or consulting firm
• Experience mentoring and developing junior team members and helping project teams resolve multi-faceted issues
• Proven record of building and developing strong client relationships with C-level executives

• Bachelor’s degree from an accredited university
• Professional certification (CISA, CISM, CISSP, CIPT, CIPP, CIPM)
• Willingness to travel domestically up to 20%-30% (varies by client)
• Availability to work at client site or in office 3 days a week, with 2 days remote (hybrid environment)

#LI-Hybrid

#LI-JF1

For applicants located in New York, CrossCountry Consulting is required to include an estimate of the compensation range for this role. The following range takes into account a wide range of factors including but not limited to, skills, experience, education, licenses, certifications, business needs, and internal equity. An estimate of the current range is $169,000 - $344,000 per year + annual bonus + additional benefits.

Benefits Summary

The CrossCountry total rewards package includes comprehensive healthcare options, including medical, dental, and vision coverage; flexible spending accounts; and a 401(k) with company matching. Additionally, employees can take advantage of generous parental and maternity leave policies, technology stipends, and wellness reimbursement programs, all designed to support both professional growth and personal well-being.

Equal Employment Opportunity (EEO)

CrossCountry provides equal employment opportunities (EEO) to all employees and applicants for employment and believes that respect and fair treatment are critical to creating a productive, diverse, and inclusive workplace. 

As an equal opportunity employer, CrossCountry is fully committed to comply with all federal, state, and local laws and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, pregnancy, genetics, sexual orientation, protected veteran status, gender identity or expression or any other characteristic protected by federal, state or local laws. This policy also complies with pay transparency and labor laws and applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training.