Senior IT Policy and Risk Management Strategist - 26584

About The Position

Requirements

• 9 years relevant experience with Bachelors in related field; 7 years relevant experience with Masters in related field; 4 years relevant experience with PhD or Juris Doctorate in related field; or High School Diploma or equivalent and 13 years relevant experience.
• Experience supporting federal or regulated environments (particularly with PRA, Section 508, and records management requirements).
• Ability to influence and lead without direct authority.
• Proven track record in IT governance, risk, and compliance (GRC) programs.
• Excellent communication and project management abilities.
• Strong analytical skills
• Clearance: Must possess an active secret security clearance.

Nice To Haves

• Exhibit deep expertise in compliance assessment frameworks (e.g., NIST, ISO, or similar standards) to identify risks, recommend mitigations, and drive continuous improvement.
• Ability to conduct overall risk management facilitation, expertise, and guidance to stakeholders across the organization while maintaining key stakeholder and industry relationships.
• Proven track record of developing and implementing enterprise-level IT policies and risk management programs in alignment with federal and DoW regulations.
• DHS Section 508 Training Certificate

Responsibilities

• Conduct comprehensive analyses of existing Federal and DoW laws, regulations, and policies to develop enterprise-wide risk management strategies and tools that support decision-making for senior leadership.
• Lead the development and implementation of compliance programs for Records Management, Section 508 Accessibility, and the Paperwork Reduction Act, ensuring adherence to DoW mandates and phased maturity roadmaps.
• Build and launch an Annual Program Assessment function to proactively evaluate compliance with IT-related laws, regulations, and policies, incorporating internal audits and system reviews to mitigate risks.
• Contribute significantly to the development and maintenance of a comprehensive IT policy framework tailored to DoW requirements, defining roles, responsibilities, and authorities for the CIO, while ensuring alignment with federal and agency standards.
• Establish and operationalize IT policies through centralized processes, communication plans, training programs, and a SharePoint policy portal to enhance accessibility and compliance across the agency.
• Oversee the delivery of key program outputs, including policy frameworks, compliance tools, training materials, audit documentation, and tracking mechanisms to monitor progress and identify bottlenecks.
• Provide strategic guidance and leadership to ensure continuous improvement in IT policy, compliance, and risk management programs, while fostering collaboration across IM&T and DoW stakeholders.
• Collaborate closely with the Senior IT Policy Analyst and cross-functional teams to integrate policy, risk, and compliance considerations into IT initiatives.
• Advise senior leadership on emerging risks, compliance obligations, and strategic recommendations to enhance the organization's risk posture.

Benefits

• We offer competitive benefits such as best-in-class medical, dental and vision plan choices; wellness resources; employee assistance programs; Savings Plan Options (401(k)); financial planning tools, life insurance; employee discounts; paid holidays and paid time off; tuition reimbursement; as well as early childhood and post-secondary education scholarships.
• Bonus/other non-recurrent compensation is occasionally offered for qualified positions, and if applicable to this role will be addressed by the recruiter at the screening phase of application.