Job Description
Experienced risk management and internal controls (RMIC) professional with deep experience implementing OMB Circular A-123, GAO Green Book/FAM, and DoD internal control guidance, leveraging eGRC/ServiceNow to produce audit-ready process and control documentation and deliver executive-level briefings. Skilled in driving DAF-wide RMIC progress through organizational change management and cross-stakeholder coordination, while consuming and consolidating large datasets to support enterprise reporting and third-party/IT control monitoring.
We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com.To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.
Required Skills & Experience
Level 1- Bach and 2 years exp
Level 2- Bach and 5 years exp
Level 3- Bach and 8 years exp
Active DOD Secret clearance
• Technical Skills:
o Internal control framework execution: design and perform A-123/GAO Green Book/FAM/DoD PCN-aligned control work, including process/control documentation and audit-ready deliverables.
o Walkthroughs & gap assessment: plan, conduct, and document walkthroughs; perform Process Control Matrix (PCM) analysis to identify and document control gaps and remediation needs.
o Stakeholder quality & change enablement: provide technical review/standardization feedback across DAF-wide stakeholders; apply change management practices and strong technical writing to mature RMIC artifacts (policies, SOPs, agreements).
• Communication & Interpersonal Skills:
o Executive communication: develop and deliver senior-leader briefings on walkthrough results, findings, recommendations, and RMIC status.
o Cross-stakeholder facilitation: lead discussions and align requirements across functional/financial teams and DAF-wide/external stakeholders (e.g., IPA, service auditors, AUs, system owners, service providers)
• Technical writing: produce clear, concise, audit-ready documentation (e.g., process control matrices (PCMs)) with strong attention to detail and accuracy.
Expertise with Regulations and Guidance:
o Office of Management and Budget (OMB) Circular No. A-123: Management’s Responsibility for Enterprise Risk Management and Internal Control
o Government Accountability Office (GAO) Green Book (GAO-14-704G): Standards for Internal Control in the Federal Government
o Department of Defense Instruction (DoDI) 5010.40: DoD Enterprise Risk Management and Risk Management and Internal Control (RMIC) Program
Nice to Have Skills & Experience
• Expertise with Regulations and Guidance:
o GAO Framework for Managing Fraud Risks (GAO-15-593SP)
o GAO Financial Audit Manual (FAM) (GAO-22-105895): Vol. 1 (Jun 2024) and Vol. 2 (Jun 2025)
• Technical Skills:
o ServiceNow eGRC / Integrated Risk Management (IRM) administration and workflow integration (test & production), including centralized internal controls repository management.
o Data analytics & reporting: consolidate large, siloed RMIC datasets into enterprise-level reports, executive summaries, visualizations, and annual Statement of Assurance (SoA) deliverables.
o Third-party/IT controls oversight: assess service-provider controls (including SSAE 18), evaluate materiality, and monitor Complementary User Entity Controls (CUECs) impacting financial reporting.
Benefit packages for this role will start on the 1st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.