Senior Manager - Risk Management and Internal Controls (RMIC)

About The Position

Requirements

• Bachelor’s degree in Accounting, Finance, Business Administration, Management, or Public Administration.
• 10+ years of experience in federal risk management, internal controls, and audit readiness.
• 5+ years of experience executing DoD/DoW RMIC programs in compliance with FMFIA and OMB Circular A-123.
• 3+ years of experience leading RMIC programs, including SoA management, enterprise risk assessments, CAPs, and AI-driven continuous monitoring to enhance internal controls and audit readiness.

Nice To Haves

• Strong analytical skills with the ability to evaluate control environments and validate effectiveness of remediation efforts.
• Proficiency in Microsoft Office Suite, including SharePoint and Google Workspace.
• Strong written and verbal communication skills with experience briefing senior leadership.
• Experience reviewing SOC 1 reports and mapping Complementary User Entity Controls (CUECs) to internal control frameworks.
• Experience using data analytics and visualization tools to identify control failures, risk trends, and process inefficiencies.
• A PMP, CGFM, CDFM, or similar certification, is desired, but not required.

Responsibilities

• Lead execution of the RMIC program in compliance with FMFIA and OMB Circular A-123, ensuring alignment with OSD financial management goals and federal performance reporting requirements
• Manage the full Statement of Assurance (SoA) lifecycle across 20 Assessable Units, including AU definition, training AU managers, and consolidation of annual assurance submissions
• Develop and maintain an integrated financial performance and risk management framework supporting MD&A reporting in the USUHS Performance and Accountability Report
• Facilitate annual holistic risk assessments across financial, operational, strategic, compliance, accreditation, research, and logistics domains
• Oversee identification, tracking, and resolution of material weaknesses, significant deficiencies, and internal control gaps across all Assessable Units
• Develop, monitor, and validate Corrective Action Plans (CAPs) to ensure effective and sustained risk mitigation
• Maintain and continuously improve RMIC policies, directives, and governance documentation
• Implement and support automated continuous monitoring and AI-driven risk scoring capabilities to enhance real-time risk visibility and reduce manual testing efforts
• Evaluate control environments and validate that corrective actions effectively address identified risks and control deficiencies
• Provide executive-level reporting and communication on risk posture, control effectiveness, and compliance status

Benefits

• major medical benefits such as dental and vision coverage
• a 401(k)-contribution plan
• holiday and personal time off
• professional development training & certification benefits
• health & wellness subsidies
• paid time off for community service