Director: Risk and Controls

At Cask, we’re with you for what comes next.

Director, Risk and Controls Cask is with you for what comes next. At Cask, we are guided by our core values—Integrity First, Client Obsessed, Continuously Curious, Deep Accountability, and Team with Empathy. We are looking for a proactive and experienced Director, Risk and Controls to build and lead our enterprise risk and compliance framework, reporting directly to the Vice President of Finance.

In this role, you’ll be responsible for developing and executing a risk management strategy that spans financial, operational, and reputational domains. You’ll drive risk mitigation efforts, oversee internal controls, and partner cross-functionally to align governance with business priorities.

What You’ll Do:

● Risk & Compliance Strategy: Design and execute a scalable enterprise risk management framework aligned with standards like COSO, NIST, and ISO.

● Internal Controls: Establish, maintain, and improve internal controls across business operations to support accountability, transparency, and regulatory compliance.

● Risk Assessment & Mitigation: Lead organization-wide risk assessments, identify gaps, and implement mitigation strategies that align with business goals.

● Governance & Reporting: Develop policies, governance structures, and reporting mechanisms that keep leadership informed and audit-ready

● Cross-Functional Collaboration: Work closely with Finance, HR, Legal, IT, Security, Sales, and Delivery teams to embed risk awareness into day-to-day decision-making.

● Third-Party Risk: Lead vendor risk assessments and oversee controls related to onboarding and vendor management. 

● Continuous Improvement: Monitor evolving risks and regulatory landscapes to ensure our risk and control practices remain effective and forward-looking.

● Stakeholder Communication: Translate risk insights into actionable recommendations for business leaders and contribute to internal education on risk practices. 

What You’ll Bring:

● Bachelor’s degree in Risk Management, Finance, Accounting, Business, or a related field (Master’s or relevant certifications such as CRISC, CPA, CFF, CITP or CISM a plus)

● Strong knowledge of risk frameworks such as COSO, ISO 31000, and NIST

● Familiarity with compliance requirements including SOX, HIPAA, and GDPR

● Experience working cross-functionally in a fast-paced, service-oriented environment

● Excellent written and verbal communication skills with the ability to influence and educate stakeholders

● Experience with risk or GRC platforms (e.g., ServiceNow IRM) is a plus

● Current Secret clearance (or the ability to obtain one) Join Cask and be part of what comes next—bringing risk and control into focus to empower confident, compliant growth.

Join Cask and take the next step in your career, driving meaningful change in risk and security.

Perks? Oh, yes.

Cask's success is based on our most valuable asset - our people. We offer a robust benefits package designed with your needs in mind. We are passionate about investing in our people. As lifelong learners, we support your continued education and career development through paid training. We build in training dollars and hours into our annual plan for each and every employee so you have the time and resources available to stretch yourself.

We value diversity at our company. Cask is an equal opportunity employer. Everyone who applies with the qualifications will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or any other applicable legally protected characteristics in the location in which the candidate is applying.

To learn more about Cask NX, please visit our website and check out our podcast series. Also be sure to follow us on LinkedIn and YouTube!

Cask NX LLC (“Cask NX”) collects and uses your personal information, including sensitive personal information, for human resources, employment, benefits administration, health and safety, and business-related purposes and to be in legal compliance/the business purposes listed in the chart HERE. We are committed to properly handling the personal information collected or processed in connection with your employment relationship with us. We will not sell the personal information, including any sensitive personal information, we collect about our employees or applicants for employment or share it with third parties for cross-context behavioral advertising.

To all recruitment agencies: We do not accept unsolicited agency resumes and are not responsible for any fees related to unsolicited resumes.

Note: Base salary range is $180,000. This range represents the expected compensation for this position. Actual salaries will vary and may be above or below the range when taking into account the wide range of factors that are considered in making compensation decisions, including but not limited to location; skill sets; experience and training; licensure and certifications; and other business and organizational needs. Compensation decisions are dependent on the facts and circumstances of each case. The range listed is just one component of the total compensation package for employees.