CrossCountry Consulting
Associate Director - Risk Advisory (Cyber, Tech, and Operational Risk)
CrossCountry Consulting, Mc Lean, Virginia, us, 22107
By joining our rapidly growing Risk Advisory practice you will serve as a trusted partner to our clients. You'll bring your first-hand experience, unique perspectives, and functional knowledge to deliver tailored integrated solutions that solve today's challenges and set the foundation for future success. With support from experienced leaders and a dedicated coach, you will join a collaborative community that invites you to contribute beyond the scope of client delivery.
In this role, you will drive positive impacts through the design, build, execution, and assessment of risk programs across cyber, technology, and operational risk (non-financial risk) domains. You will be an integral part of our leadership team: driving the growth of our client base, leading client engagements, and continuously improving our capabilities. We are looking for self-starters who enjoy learning and staying current with industry trends and technologies, excel at team leadership and mentorship, and are eager to help our clients strategically solve complex risk challenges.
What You'll Do:
Lead the Risk Advisory practice, leveraging expertise in cyber, technology, and operational risk to expand our client base and teamOversee accounts and client relationships across various industries, including financial services and emerging growth companiesApply specialized knowledge in particular non-financial risk domains, and broad acumen across facets of all domains including cybersecurity, technology, cloud, operational resiliency, data, third party, privacy, and product riskConduct research and analysis, leveraging data to derive valuable insights and actionable recommendations for clientsDrive development of solutions and deliverables, combining technical depth with management consulting skills to influence and deliver results to business executives and technical professionalsServe as a coach and mentor to team members, fostering their professional growth and developmentProvide hands-on project leadership and apply specialized knowledge across a diverse range of engagements spanning:
-Risk Transformation: Maturity assessments and roadmaps; operating models; risk program builds; executive advisory
-Risks & Controls: Risk assessments; frameworks; RCSAs; testing methodologies; testing execution and reporting
-Internal Audit: Audit planning, execution, and reporting
-Regulatory Compliance: Regulatory mapping and horizon scanning; compliance readiness and remediation activities; exam and reporting support
-Reporting & Metrics: KPI and KRI development; automation and operations; dashboards and reporting; risk appetite assessment
>
What You'll Bring:
9+ years prior experience in professional services (public accounting, advisory firm, or management consulting firm)Experience with the major cybersecurity, technology, and operational risk frameworks and standards such as NIST CSF, CRI Cybersecurity Profile, CSA Cloud Controls, ISO 27000 series, COBIT, and Basel Operational Risk PrinciplesExperience delivering security solutions across major cloud service provider (AWS, Azure, GCP) platformsKnowledge of comprehensive risk management programs including governance, policy, architecture, processes, and controlsExperience mentoring and developing junior team members and helping project teams resolve multifaceted issuesDemonstrated desire for continued learning about new and emerging technologies and staying current with trends in cyber, technology, and operational risk managementQualifications:
Bachelor's degree from an accredited university.Professional certification (CISA, CISM, CISSP, CIPT, CIPP, CIPM).Willingness to travel domestically up to 20%-30% (varies by client).Availability to work on client site or in office 3 days a week, with 2 days remote (hybrid environment).
#LI-Hybrid #LI-OC1
In this role, you will drive positive impacts through the design, build, execution, and assessment of risk programs across cyber, technology, and operational risk (non-financial risk) domains. You will be an integral part of our leadership team: driving the growth of our client base, leading client engagements, and continuously improving our capabilities. We are looking for self-starters who enjoy learning and staying current with industry trends and technologies, excel at team leadership and mentorship, and are eager to help our clients strategically solve complex risk challenges.
What You'll Do:
Lead the Risk Advisory practice, leveraging expertise in cyber, technology, and operational risk to expand our client base and teamOversee accounts and client relationships across various industries, including financial services and emerging growth companiesApply specialized knowledge in particular non-financial risk domains, and broad acumen across facets of all domains including cybersecurity, technology, cloud, operational resiliency, data, third party, privacy, and product riskConduct research and analysis, leveraging data to derive valuable insights and actionable recommendations for clientsDrive development of solutions and deliverables, combining technical depth with management consulting skills to influence and deliver results to business executives and technical professionalsServe as a coach and mentor to team members, fostering their professional growth and developmentProvide hands-on project leadership and apply specialized knowledge across a diverse range of engagements spanning:
-Risk Transformation: Maturity assessments and roadmaps; operating models; risk program builds; executive advisory
-Risks & Controls: Risk assessments; frameworks; RCSAs; testing methodologies; testing execution and reporting
-Internal Audit: Audit planning, execution, and reporting
-Regulatory Compliance: Regulatory mapping and horizon scanning; compliance readiness and remediation activities; exam and reporting support
-Reporting & Metrics: KPI and KRI development; automation and operations; dashboards and reporting; risk appetite assessment
>
What You'll Bring:
9+ years prior experience in professional services (public accounting, advisory firm, or management consulting firm)Experience with the major cybersecurity, technology, and operational risk frameworks and standards such as NIST CSF, CRI Cybersecurity Profile, CSA Cloud Controls, ISO 27000 series, COBIT, and Basel Operational Risk PrinciplesExperience delivering security solutions across major cloud service provider (AWS, Azure, GCP) platformsKnowledge of comprehensive risk management programs including governance, policy, architecture, processes, and controlsExperience mentoring and developing junior team members and helping project teams resolve multifaceted issuesDemonstrated desire for continued learning about new and emerging technologies and staying current with trends in cyber, technology, and operational risk managementQualifications:
Bachelor's degree from an accredited university.Professional certification (CISA, CISM, CISSP, CIPT, CIPP, CIPM).Willingness to travel domestically up to 20%-30% (varies by client).Availability to work on client site or in office 3 days a week, with 2 days remote (hybrid environment).
#LI-Hybrid #LI-OC1