This job opportunity is part of an RFP process; candidates are invited to submit their resumes detailing relevant experience.
Location: Bethesda, MD (Hybrid)
LCG is a minority-owned technology consulting firm that has been a trusted partner to more than 40 federal agencies, including 21 of the 27 Institutes and Centers (ICs) at the National Institutes of Health (NIH). For over 25 years, LCG has brought digitization and innovation to the Health and Human Services (HHS) and the NIH ecosystems. We support IT organizations by bringing precision technology and operation models that achieve mission capabilities and performance success.
Job Description: Compliance Manager (Risk Management - Cloud)
Position Overview: The Risk Management Lead II will manage and oversee the compliance programs, policies, reporting, and practices for the organization. This role ensures that all activities follow regulatory requirements related to governance, industry standards, and location-specific laws. The candidate will play a critical role in developing internal controls, auditing systems, risk assessments, and delivering compliance training initiatives. Additionally, the Risk Management Lead II will collaborate with Cloud Services and Architecture teams to ensure that technical solutions and cloud service deployments align with regulatory and risk management standards.
Key Responsibilities:
- Manage compliance programs, ensuring alignment with regulatory requirements, internal controls, and industry best practices.
- Oversee the implementation of risk-based compliance testing of procedures and controls, identifying and correcting noncompliance.
- Develop, implement, and update internal compliance policies, ensuring they reflect new or amended regulations.
- Collaborate with cross-functional teams to integrate risk management best practices in Cloud Services, ensuring alignment with both NIH’s strategic goals and industry regulations.
- Provide strategic risk management advisement on cloud architecture, data migration, cloud security, and governance processes.
- Lead internal audits to ensure compliance with NIST, FIPS, OMB regulations, and NIH/HHS policies.
- Design and deliver training programs to stakeholders on compliance requirements, internal controls, and risk management.
- Manage a team, ensuring day-to-day performance meets organizational milestones and regulatory adherence.
- Provide cloud risk management advisory support, including strategic planning, assessments, and technical guidance for cloud migration and architecture services.
- Implement risk assessments and authorization (A&A) processes for NIH’s Cloud Services systems, ensuring compliance with security and governance standards.
- Monitor and maintain cloud security documentation, ensuring compliance with cloud service provider regulations and NIH’s standards.
Qualifications:
- Bachelor’s degree in Risk Management, Information Systems, or a related field (or equivalent experience).
- 5+ years of experience in risk management, compliance, or a related field; 1-3 years of supervisory experience preferred.
- Extensive knowledge of compliance regulations, auditing systems, and risk assessment methodologies.
- Familiarity with cloud computing environments, including AWS, Azure, or Google Cloud, and associated risk management strategies.
- Strong understanding of federal regulatory requirements (e.g., NIST, FIPS, OMB) and experience in auditing and implementing risk management practices in cloud services.
- Excellent communication skills and experience delivering compliance training to diverse stakeholders.