LCG
Compliance Manager (Risk Management - Cloud)
LCG, Bethesda, Maryland, US, 20811
This job opportunity is part of an RFP process; candidates are invited to submit their resumes detailing relevant experience.
Location: Bethesda, MD (Hybrid)
LCG is a minority-owned technology consulting firm that has been a trusted partner to more than 40 federal agencies, including 21 of the 27 Institutes and Centers (ICs) at the National Institutes of Health (NIH). For over 25 years, LCG has brought digitization and innovation to the Health and Human Services (HHS) and the NIH ecosystems. We support IT organizations by bringing precision technology and operation models that achieve mission capabilities and performance success.
Job Description: Compliance Manager (Risk Management - Cloud)
Position Overview: The Risk Management Lead II will manage and oversee the compliance programs, policies, reporting, and practices for the organization. This role ensures that all activities follow regulatory requirements related to governance, industry standards, and location-specific laws. The candidate will play a critical role in developing internal controls, auditing systems, risk assessments, and delivering compliance training initiatives. Additionally, the Risk Management Lead II will collaborate with Cloud Services and Architecture teams to ensure that technical solutions and cloud service deployments align with regulatory and risk management standards.
Key Responsibilities:
- Manage compliance programs, ensuring alignment with regulatory requirements, internal controls, and industry best practices.
- Oversee the implementation of risk-based compliance testing of procedures and controls, identifying and correcting noncompliance.
- Develop, implement, and update internal compliance policies, ensuring they reflect new or amended regulations.
- Collaborate with cross-functional teams to integrate risk management best practices in Cloud Services, ensuring alignment with both NIH's strategic goals and industry regulations.
- Provide strategic risk management advisement on cloud architecture, data migration, cloud security, and governance processes.
- Lead internal audits to ensure compliance with NIST, FIPS, OMB regulations, and NIH/HHS policies.
- Design and deliver training programs to stakeholders on compliance requirements, internal controls, and risk management.
- Manage a team, ensuring day-to-day performance meets organizational milestones and regulatory adherence.
- Provide cloud risk management advisory support, including strategic planning, assessments, and technical guidance for cloud migration and architecture services.
- Implement risk assessments and authorization (A&A) processes for NIH's Cloud Services systems, ensuring compliance with security and governance standards.
- Monitor and maintain cloud security documentation, ensuring compliance with cloud service provider regulations and NIH's standards.
Qualifications:
- Bachelor's degree in Risk Management, Information Systems, or a related field (or equivalent experience).
- 5+ years of experience in risk management, compliance, or a related field; 1-3 years of supervisory experience preferred.
- Extensive knowledge of compliance regulations, auditing systems, and risk assessment methodologies.
- Familiarity with cloud computing environments, including AWS, Azure, or Google Cloud, and associated risk management strategies.
- Strong understanding of federal regulatory requirements (e.g., NIST, FIPS, OMB) and experience in auditing and implementing risk management practices in cloud services.
- Excellent communication skills and experience delivering compliance training to diverse stakeholders.
Compensation and Benefits
The projected compensation range for this position is $129,250 to $168,250 per year benchmarked in the Washington, D.C. metropolitan area. The target salary is $142,000. The salary range provided is a good faith estimate representative of all experience levels. Salary at LCG is determined by various factors, including but not limited to role, location, the combination of education/training, knowledge, skills, competencies, certifications, and work experience.
LCG offers a competitive, comprehensive benefits package which includes health insurance options (medical, dental, vision), life and disability insurance, retirement plan contributions, as well as paid leave, federal holidays, professional development, and lifestyle benefits.
Devoted to Fair and Inclusive Practices
All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law.
If you are interested in applying for employment with LCG and need special assistance or an accommodation to apply for a posted position, contact our Human Resources department by email at .
Securing Your Data
Beware of fraudulent job offers using LCG's name. LCG will never request payment-related details or advancement of money during the application process. Legitimate communication will only come from lcginc.com or emails, not free commercial services like Gmail or WhatsApp. If you receive suspicious emails asking for payment or personal information, contact us immediately at .
If you believe you are the victim of a scam, contact your local law enforcement and report the incident to the .