Senior Manager - Risk Management and Internal Controls (RMIC)

Harnessing Technology to Improve Financial Stewardship for the Welfare, Defense, and Security of Our Nation

Blake Willson Group (BWG) unites deep domain experts with technologists who leverage industry-leading financial management solutions to address the most critical mission objectives. Headquartered in the National Capital Region, the firm delivers measurable outcomes through technology-forward strategies and advanced solutions that drive mission success.

Blake Willson Group has a distinguished track record of exceptional performance, achieving operational efficiencies that allow our clients to do more with less. BWG has earned the confidence of its clients by consistently exceeding expectations through its unwavering commitment to best value solutions, implemented with speed.

Job Location:

This role is 100% on-site in Bethesda, Maryland.

Clearance:

Must be currently authorized to work in the United States on a full-time basis and have the ability to obtain a Public Trust Security Clearance.

Job Description:

In this position as a Senior Manager, Risk Management and Internal Controls (RMIC), you will lead the execution and oversight of a DoW RMIC program to ensure compliance with FMFIA, OMB Circular A-123, and Department of War financial management requirements. You will drive enterprise risk governance, internal control execution, and Statement of Assurance (SoA) processes across multiple Assessable Units while strengthening the organization’s overall control environment and audit readiness. In this position, you will also:

• Lead execution of the RMIC program in compliance with FMFIA and OMB Circular A-123, ensuring alignment with OSD financial management goals and federal performance reporting requirements
• Manage the full Statement of Assurance (SoA) lifecycle across 20 Assessable Units, including AU definition, training AU managers, and consolidation of annual assurance submissions
• Develop and maintain an integrated financial performance and risk management framework supporting MD&A reporting in the USUHS Performance and Accountability Report
• Facilitate annual holistic risk assessments across financial, operational, strategic, compliance, accreditation, research, and logistics domains
• Oversee identification, tracking, and resolution of material weaknesses, significant deficiencies, and internal control gaps across all Assessable Units
• Develop, monitor, and validate Corrective Action Plans (CAPs) to ensure effective and sustained risk mitigation
• Maintain and continuously improve RMIC policies, directives, and governance documentation
• Implement and support automated continuous monitoring and AI-driven risk scoring capabilities to enhance real-time risk visibility and reduce manual testing efforts
• Evaluate control environments and validate that corrective actions effectively address identified risks and control deficiencies
• Provide executive-level reporting and communication on risk posture, control effectiveness, and compliance status

Required Skills:

• Bachelor’s degree in Accounting, Finance, Business Administration, Management, or Public Administration.
• 10 years of experience in federal risk management, internal controls, and audit readiness.
• 5 years of experience executing DoD/DoW RMIC programs in compliance with FMFIA and OMB Circular A-123.
• 3 years of experience leading RMIC programs, including SoA management, enterprise risk assessments, CAPs, and AI-driven continuous monitoring to enhance internal controls and audit readiness.

Desired Skills:

• Strong analytical skills with the ability to evaluate control environments and validate effectiveness of remediation efforts.
• Proficiency in Microsoft Office Suite, including SharePoint and Google Workspace.
• Strong written and verbal communication skills with experience briefing senior leadership.
• Experience reviewing SOC 1 reports and mapping Complementary User Entity Controls (CUECs) to internal control frameworks.
• Experience using data analytics and visualization tools to identify control failures, risk trends, and process inefficiencies.
• A PMP, CGFM, CDFM, or similar certification, is desired, but not required.