Senior Consultant, Enterprise Risk Management with Security Clearance

Overview:
11th Hour Service is a fast growing, culture-driven consulting firm focused on providing innovative solutions to complex issues
Our team, comprised of expert-level professionals, excel at tailoring solutions for our client’s most challenging imperatives in the areas of finance and accounting, operations, technology, and risk assessment
Our mission is to deliver real results and sustainable strategies to ensure the ongoing success of our clients in meeting their objectives
Our core values encourage the discovery of meaningful and inspiring work, limitless growth, and flexibility to truly achieve a life work balance
We aim to change the lives of the people we work with and work for; helping our employees develop on a path they are passionate about, and helping our clients create more secure and rewarding futures for their business
If you are as excited about your future as we are, join our team here at 11th Hour Service
11th Hour Service is currently seeking a Senior Enterprise Risk Management Consultant to support a client engagement based in Richmond, VA (3 days per week on-site)
Responsibilities & Desired Skill Areas Include:
Organizational AU/SAUs Documentation and Validation: • Review a listing of the Assessable and Sub Assessable Units (AUs and SAUs) identified by each MSC, identifying areas of duplication, documenting opportunities for standardization, highlighting any gaps in coverage, and providing recommendations for improvement
• Conduct a scoping assessment to evaluate the documentation already developed to determine what can be leveraged and how much additional effort is needed to produce the deliverables requested within this PWS specific to the DLA organizations assessable and sub-assessable units and its affiliated Business processes
• Assist RICAs with collaborating with other organizations to ensure consistent, streamlined, non-duplicative identification of AUs/SAUs
Assessable Unit (AU) Project Plan Workbook Support: • Support each MSC’s RMIC Program by developing and reporting on the status of the annual AU Project Plan Workbook under the purview of the organization
• Development and maintenance of monthly status updates reported to the ERM PMO summarizing progress implementing each MSC’s AU Project Plan
Risk Assessment: • Support each MSC in the execution of a Risk Assessment, facilitating risk assessment evaluation sessions for all organizational AUs and SAUs in accordance with the timelines provided by the ERM PMO and documented in the AU Project Plan
This will also include a risk assessment of any processes that have been outsourced to a service provider or third party
• Prepare the necessary material and capture information during the working sessions, which will be planned and conducted to support reporting timelines for the annual Statement of Assurance
• Support the development of a consolidated risk register for the each MSC based on input from each assessable and sub-assessable unit
Risk Response Support: • Support the MSC’s Risk Owners in the development and maintenance of Risk Response Plans
• Support data entry to ERM PMO-supplied or other agency’s/organization’s Risk Response templates and databases, maintaining effective record keeping and organizing files to collect information for future use
Identification and Development of Key Internal Controls: • Work with each MSC’s RICA, AUMs/SAUMs, and other key stakeholders to identify/develop key internal controls to mitigate associated risks, as appropriate, within the organization’s AUs and their respective SAUs
• Work with the AUM/SAUM or designee to develop key internal controls that do not currently exist or redefine/enhance existing controls to help provide reasonable assurance that the approved key internal controls mitigate the associated risks and appropriately address the associated control objectives
• Assist with transfer of knowledge on how to develop, document, and implement internal controls in alignment with ERM PMO guidance
• Document and verify the organization’s inventory of key internal controls in the Risk and Control Matrix template provided by the ERM PMO
Assessment of Key Internal Controls: • Perform an assessment of the key controls relevant to each MSC and other controls identified by the government
• Review Agency-wide ERM PMO guidance, consult with the ERM PMO for clarification as needed, determine the appropriate population, and sample size, and execute the internal control testing
• Testing is to include a Test of Design (TOD) and as needed, Test of Effectiveness (TOE)
• Test results will be reported as completed in each MSC’s AU Project Plan and reported to the ERM PMO monthly
Self-Identified Deficiency CAP Development and Support: • Utilizing the Corrective Action Plan (CAP) template, create CAPs for deficiencies identified through internal control testing performed by DLA personnel or DLA support contractors, applicable deficiencies identified during DLA Agency Management Reviews, or applicable deficiencies reported in DLA OIG Audit Reports
• Deficiencies include control deficiencies, IT non-conformances, significant deficiencies, and material weaknesses as applicable
• Review and update existing CAPs created to address existing self-identified deficiencies, ensuring the CAPs appropriately identify the root causes of the deficiencies and are in the required format prescribed by the ERM PMO
Statement of Assurance (SOA) Deliverable Development: • Support each MSC’s RICAs in development and analysis of SOA deliverables from each MSC’s AUs and SAUs
• As part of SOA deliverable development, assist with the documentation of an organization-level statement of assurance to include management’s evaluation of internal controls within the organization
• Review the results for each SOA work product and provide recommendations to ensure all deliverables meet ERM PMO guidance
Communication Products: • Develop communication work products to promote organizational ERM & A-123 awareness, overall change management, and assist in making complex concepts more relatable to the organization’s workforce
This may include the development of executive communications, email messages, memos, newsletters, and articles for DLA websites
Meeting Support: • Attend MSC RMIC program-related meetings as requested by the government for ERM-related meetings and develop requested content, including but not limited to agendas, content, minutes, and follow up action items to support the meeting topic
Job Aid, SOP, and End to End Documentation Support: • Support the government in the review or update of Standard Operating Procedures (SOPs), Job Aids, Desk Guides, flowcharts, process maps, business process narratives or other programmatic process documents to support the MSC’s RMIC program as specified by the Government
11th Hour Service offers a comprehensive compensation and benefits package including, but not limited to: • Competitive salary with performance-based bonus opportunities
• Health, dental, vision and life insurance plans
• Flexible Spending Accounts
• Commuter’s Benefits
• Tuition and Continuing Education Assistance programs
• 401 (K)-retirement
• 11 Paid Holidays and generous Paid Time Off (PTO)
• Team building and social events
• Mentorship programs to support career development.
11th Hour Service is committed to creating a diverse environment and is proud to be an equal opportunity employer
All qualified applicants will be considered for employment without regard to race, color, creed, religion, gender identity or expression, sexual orientation, national origin, disability, age, or veteran status.

---