Manager - Risk Advisory (Technology Risk) (NY)

From the beginning, our goal is to establish an advisory firm that stands apart, grounded in our Core Values and dedicated to delivering a positive experience for clients and for our people. We believe collaboration, enthusiasm, generosity, and perseverance drive our success. With advisory solutions spanning accounting and risk, technology-enabled transformation, and transactions, we partner with our clients to solve today’s challenges and deliver present and future value.

Our commitment to our people has earned us awards including Inc5000’s Fastest Growing Companies and Glassdoor’s Best Places to Work. Explore what our employees have to say about our culture by clicking here.

By joining our rapidly growing Risk Advisory practice you will serve as a trusted partner to our clients. You’ll bring your first-hand experience, unique perspectives, and functional knowledge to deliver tailored integrated solutions that solve today’s challenges and set the foundation for future success. With support from experienced leaders and a dedicated coach, you will join a collaborative community that invites you to contribute beyond the scope of client delivery.

In this role, you’ll have the opportunity to drive positive impacts through the design, build, execution, and assessment of risk programs across cyber, technology, and operational risk (non-financial risk) domains.

We are looking for passionate self-starters who enjoy learning and staying current with industry trends and technologies, excel at leading teams and mentoring others, and get excited about helping our clients strategically solve complex risk challenges.

• Provide excellent client service and develop and nurture client relationships, serving as a liaison between clients and project teams, understanding their business needs, and delivering responsive and high-quality service
• Lead CrossCountry teams when delivering at clients on engagements
• Risk Transformation: Maturity assessments and roadmaps; operating models; program and process builds; executive advisory
• Risks & Controls: Risk assessments; frameworks; RCSAs; testing methodologies; testing execution and reporting
• Internal Audit: Audit planning, execution, and reporting
• Regulatory Compliance: Regulatory mapping and horizon scanning; compliance readiness and remediation activities; exam and reporting support
• Reporting & Metrics: KPI and KRI development; automation and operations; dashboards and reporting; risk appetite analysis
• Apply specialized knowledge in particular non-financial risk domains, and broad acumen across facets of all domains including cybersecurity, technology, cloud, operational resiliency, data, third party, privacy, and product risk
• Conduct research and analysis, leveraging data to derive valuable insights and actionable recommendations for clients
• Lead working meetings with clients and participate in formal client briefings
• Oversee the operational aspects of ongoing projects, including engagement planning, budget development, progress monitoring, and quality control of deliverables
• Lead development of compelling, easy-to-consume, data-driven deliverables that pragmatically solve client problems
• Structure, execute, and synthesize research and analysis on a range of key industry developments and trends to inform client deliverables, proposals, marketing materials, and market strategies
• Participate in advancing the Risk Advisory service line through internal initiatives such as recruiting, business development, thought leadership, and knowledge sharing
• Coach, mentor, and nurture our risk advisory team members

• 5+ years of experience, with proven pedigree in consulting or highly complex risk organizations
• Experience with the major cybersecurity, technology, and operational risk frameworks and standards such as NIST CSF, CRI Cybersecurity Profile, CSA Cloud Controls, ISO 27000 series, COBIT, and Basel Operational Risk Principles
• Experience delivering security solutions across major cloud service provider (AWS, Azure, GCP) platforms
• Understanding of the components of a comprehensive risk management program, including governance, policy, organizational design, awareness and training, architecture, technologies, processes, and controls
• Professionalism and discretion in interacting with executives and clients, with polished verbal and written communication skills
• Experience mentoring and developing junior team members and helping project teams resolve multifaceted issues
• Enthusiasm, entrepreneurialism, and energy while working in a highly collaborative, dynamic environment
• Demonstrated passion for continued learning about new and emerging technologies and staying current with trends in cyber, technology, and operational risk management

• Bachelor’s degree from an accredited university
• Active holder of professional certification such as CISA, CISM, CISSP, CIPT, CIPP, or CIPM
• Willingness to travel domestically up to 20% - 30% (travel varies based on client preferences)
• Willingness to be present on client site or in office 3 days a week, with 2 days a week remote (hybrid office environment)

Compensation: For applicants located in New York, CrossCountry Consulting is required to include an estimate of the compensation range for this role. The following range takes into account a wide range of factors including but not limited to, skills, experience, education, licenses, certifications, business needs, and internal equity. An estimate of the current range is $116,000 - $238,400 per year + annual bonus + additional benefits.

Benefits Summary

The CrossCountry total rewards package includes comprehensive healthcare options, including medical, dental, and vision coverage; flexible spending accounts; and a 401(k) with company matching. Additionally, employees can take advantage of generous parental and maternity leave policies, technology stipends, and wellness reimbursement programs, all designed to support both professional growth and personal well-being. For detailed information about benefits at CrossCountry, please visit our dedicated benefits site: here.

CrossCountry provides equal employment opportunities (EEO) to all employees and applicants for employment and believes that respect and fair treatment are critical to creating a productive and inclusive workplace. As an equal opportunity employer, CrossCountry is fully committed to comply with all federal, state, and local laws and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability, pregnancy, genetics, sexual orientation, veteran status, gender identity or expression or any other protected characteristic. The company also complies with pay transparency and labor laws applicable to all terms and conditions of employment.