Senior Consultant, CMS A-123 Information Technology

About The Position

Requirements

• Bachelor’s degree in Information Technology, Business, Legal, Computer Sciences, Cybersecurity, or a related field.
• Minimum of 3–5 years of professional experience supporting IT risk, controls, and security assessments within complex federal entities.
• Demonstrated experience working with FISMA, FISCAM, FedRAMP, and NIST frameworks.
• Experience integrating IT controls into broader internal control frameworks (e.g., OMB Circular A‑123, FMFIA).
• Ability to obtain and maintain a Public Trust clearance (i.e. US citizenship required).

Nice To Haves

• Certified Information Systems Auditor (CISA).
• Experience supporting cross‑functional IT control assessments and coordinating with Federal A‑123 leadership, business owners, and external auditors.
• Skilled in developing IT test plans, conducting walkthroughs, and documenting control design and operating effectiveness.
• Experience supporting Corrective Action Plan (CAP) development and validation.
• Additional certifications such as CISSP, CGFM, PMP, or relevant cloud security credentials (e.g., AWS, Azure).
• Experience mapping IT systems to financial reporting cycles and control matrices.
• Proficiency with tools such as Microsoft Power Platform, Dynamics 365, SharePoint, and other enterprise GRC platforms used for A‑123 testing and documentation.
• Demonstrated ability to support the use of automation, analytics, AI, or other technology‑enabled approaches within internal control solutions.
• Comfortable advising on IT system risks, control gaps, and remediation strategies in a highly regulated federal environment.

Responsibilities

• Support and execute the planning, execution, and documentation of IT general and application control assessments in alignment with OMB Circular A‑123, Appendix A, and federal information security standards.
• Develop and execute IT test plans for systems supporting financial reporting, ensuring compliance with frameworks such as FISMA, FISCAM, FedRAMP, NIST SP 800‑53, and NIST SP 800‑30.
• Coordinate with internal control teams, business owners, and external auditors to identify, document, and test key IT controls across major transaction cycles and systems.
• Map IT systems and applications to financial reporting processes and support appropriate coverage of control objectives and key risk areas.
• Evaluate the design and operating effectiveness of IT controls, identify deficiencies, and support the development and validation of Corrective Action Plans (CAPs).
• Maintain secure, well‑organized documentation and workpapers that support audit readiness and meet federal information security requirements.
• Provide input and recommendations on IT risk, control gaps, and remediation strategies, contributing to the agency’s internal control maturity and compliance posture.
• Support proposal development, capture activities, and other business development efforts, as needed.
• Provide day‑to‑day guidance to junior staff and contribute to knowledge sharing, training, and onboarding activities.

Benefits

• Medical, Rx, Dental & Vision Insurance
• Personal and Family Sick Time & Company Paid Holidays
• Position may be eligible for a discretionary variable incentive bonus
• Parental Leave and Adoption Assistance
• 401(k) Retirement Plan
• Basic Life & Supplemental Life
• Health Savings Account, Dental/Vision & Dependent Care Flexible Spending Accounts
• Short-Term & Long-Term Disability
• Student Loan PayDown
• Tuition Reimbursement, Personal Development & Learning Opportunities
• Skills Development & Certifications
• Employee Referral Program
• Corporate Sponsored Events & Community Outreach
• Emergency Back-Up Childcare Program
• Mobility Stipend