Skip to content

Internal Controls, ERM, and Federal Risk Analyst 2026P-0327

Full-Time
Washington, DC
Posted 4 days ago

Ascension LLC is seeking a highly analytical, detail-oriented Internal Controls, ERM, and Federal Risk Analyst to support a federal financial improvement and audit support engagement for an independent federal agency. This role is ideal for a professional with hands-on experience supporting OMB Circular A-123, Internal Control Over Financial Reporting, internal control over operations, Enterprise Risk Management, GAO Green Book, Test of Design, Test of Effectiveness, risk/control matrices, SOC/SSAE 18 review, CUEC documentation, Statement of Assurance support, and Corrective Action Plan tracking.

The selected candidate will help the customer strengthen its internal control and ERM programs by assessing business processes, documenting risks and controls, supporting control testing, reviewing service provider control reports, validating corrective actions, and preparing leadership-ready documentation that supports audit readiness and ongoing compliance. This position requires someone who can operate with professionalism, discipline, and judgment in a federal environment where accuracy, documentation quality, and responsiveness are essential.

Ascension is seeking a candidate who is self-driven, organized, consultative, and comfortable working across finance, operations, risk, and audit stakeholders. The ideal candidate will be skilled at translating complex control requirements into practical documentation, identifying risks before they become findings, coordinating across process owners, and producing work products that are clear, defensible, and ready for government review.

Position Summary

The Internal Controls, ERM, and Federal Risk Analyst will support the execution and sustainment of the customer’s internal control and risk management program. The role will perform work across multiple task areas, including Internal Control Over Financial Reporting, Internal Control Over Operations, Enterprise Risk Management, and Corrective Actions. The RFQ requires the contractor to perform a full A-123 cycle annually, including risk-based scoping, business process documentation, internal control documentation, SOC report review, TOD/TOE testing, deficiency tracking, corrective action planning, and Statement of Assurance support.

The role will also support operational internal controls by documenting processes, conducting annual walkthroughs, developing test plans, executing TOD/TOE activities, updating CUECs, supporting Entity Level Control assessments, preparing briefings for leadership, and helping finalize Statements of Assurance. For ERM, the analyst will assist in developing ERM governance documentation, maintaining risk information, supporting the Enterprise Risk Profile, coordinating with risk owners and risk champions, supporting fraud risk assessment activities, and developing ERM communication and training materials.

The candidate must be able to support government stakeholders in a structured, evidence-based manner while maintaining confidentiality and protecting sensitive agency information. The customer requires all contractor personnel to be U.S. citizens and to obtain the appropriate suitability investigation before or during performance, depending on access requirements.

Day-to-Day Responsibilities

  • Execute OMB Circular A-123 internal control activities across financial reporting and operational business processes.
  • Support annual risk-based scoping, planning, and documentation for the customer’s internal control program.
  • Document business processes, control objectives, key controls, risks, control owners, CUECs, and supporting evidence.
  • Develop and maintain risk/control matrices, master control catalogs, process narratives, flowcharts, testing plans, and internal control assessment workpapers.
  • Perform Test of Design and Test of Effectiveness procedures to determine whether controls are properly designed and operating effectively.
  • Assess control gaps, testing exceptions, self-identified deficiencies, and process improvement opportunities.
  • Review SOC reports, bridge letters, gap letters, and SSAE 18 reports from service providers and prepare monitoring or analysis documentation.
  • Support the development, tracking, and validation of corrective action plans for audit findings, internal control deficiencies, and self-identified deficiencies.
  • Conduct limited internal sampling, testing, reconciliation support, and corrective action initiation for operational areas.
  • Evaluate Entity Level Controls and support documentation of enterprise-level risk and control considerations.
  • Coordinate with Division Directors, process owners, SMEs, and risk champions to gather evidence, validate risk information, and confirm control performance.
  • Prepare executive summaries, leadership briefings, testing results, risk reports, CAP status reports, and Statement of Assurance support materials.
  • Maintain trackers for deficiencies, CAPs, risks, control testing results, open findings, overdue actions, and remediation status.
  • Support ERM activities, including risk identification, risk assessment, risk prioritization, risk monitoring, Enterprise Risk Profile updates, and risk appetite documentation.
  • Assist with fraud risk assessment documentation and risk mitigation recommendations.
  • Develop internal control and ERM training materials, job aids, presentation slides, guides, and reference materials for agency personnel.
  • Facilitate working sessions, walkthroughs, interviews, office hours, and stakeholder discussions related to controls, risks, and corrective actions.
  • Identify opportunities to streamline internal control documentation, testing, evidence collection, risk reporting, and ongoing monitoring.
  • Protect sensitive information, including CUI, PII, and other controlled information, in accordance with federal and customer requirements.

How to Apply

CLICK HERE TO APPLY & SUBMIT YOUR RESUME

Job Features

Job CategoryAcquisition & Contract Management
Minimum RequirementsBachelor’s degree in Accounting, Finance, Business Administration, Public Administration, Risk Management, Information Systems, or a related field. | Minimum of 5 years of progressive experience supporting financial improvement, audit support, internal control, OMB Circular A-123, ERM, financial statement audit support, or related federal compliance activities.
Required SkillsStrong analytical skills and the ability to interpret policies, procedures, control requirements, audit findings, and risk information. | Proficiency with Microsoft Office, including Excel, Word, PowerPoint, Outlook, and Teams. | Ability to work onsite in Washington, DC, as required by the customer, with telework only as authorized. | U.S. citizenship required.
Technical SkillsDemonstrated experience with OMB Circular A-123, including internal control documentation, risk assessment, testing, deficiency tracking, and Statement of Assurance support. | Experience supporting Internal Control Over Financial Reporting or operational internal control programs in a federal agency, public sector entity, regulated organization, or complex commercial environment. | Experience developing or maintaining risk/control matrices, process narratives, control catalogs, testing plans, workpapers, corrective action plans, and management briefings. | Working knowledge of GAO Standards for Internal Control in the Federal Government, commonly referred to as the Green Book. | Familiarity with TOD/TOE testing, control gap assessments, audit remediation, and evidence validation. | Experience reviewing or supporting analysis of SOC reports, SSAE 18 reports, bridge letters, gap letters, or CUEC implementation documentation. | Strong writing skills, including the ability to prepare concise, accurate, and professional documentation for government leadership, auditors, and program stakeholders.
Desired SkillsMaster’s degree in Accounting, Finance, Business Administration, Public Administration, Risk Management, or a related discipline. | Professional certification such as CPA, CIA, CISA, CGFM, CFE, CRMA, PMP, or CGRC. | Experience supporting a federal agency internal control program, ERM program, financial statement audit, or audit remediation effort. | Experience supporting a micro agency, independent federal agency, or non-CFO Act agency. | Experience with FMFIA, FFMIA, OMB Bulletin 15-02, OMB Appendix A, OMB Appendix C, FASAB/SFFAS, Treasury Financial Manual, or federal financial management policies. | Experience supporting Entity Level Control assessments, fraud risk assessments, risk appetite statements, enterprise risk profiles, or risk governance structures. | Experience preparing leadership-ready dashboards, trackers, briefings, status reports, and audit support documentation. | Experience using SharePoint, Power BI, Power Automate, Tableau, ServiceNow, audit response tools, or other workflow/reporting platforms. | Strong facilitation skills and the ability to lead interviews, walkthroughs, evidence-gathering sessions, and cross-functional stakeholder meetings. | Prior experience supporting federal audit readiness, audit liaison, corrective action validation, or internal controls modernization.
Sustainability RequirementsU.S. citizenship is required. | Candidate must be able to obtain and maintain the required federal suitability determination, which may include Tier 1 Non-Sensitive Low Risk, Tier 2 Moderate Risk Public Trust, or Tier 4 High-Risk Public Trust, depending on the level of access required. | Candidate must comply with HSPD-12, PIV credentialing, customer facility access, nondisclosure, and information protection requirements. | Candidate must safeguard sensitive information, including CUI, PII, Official Use Only information, and other customer-controlled information. | Candidate must be able to work at the customer site in Washington, DC, as required.

Apply For This Job

Scroll To Top