CLA is a top 10 national professional services firm where our purpose is to create opportunities every day, for our clients, our people, and our communities through industry-focused wealth advisory, digital, audit, tax, consulting, and outsourcing services. Even with more than 8,500 people, 130 U.S. locations, and a global reach, we promise to know you and help you.
CliftonLarsonAllen, LLP (CLA) is seeking an experienced and dynamic Controls Consultant Manager to lead the Federal Information Security Modernization Act (FISMA) audit team and state and local government cybersecurity consulting services. This role is critical in ensuring that government information systems comply with federal, state, and local government security standards and regulations, safeguarding sensitive data and systems.
Key Responsibilities
- Oversee and coordinate all aspects of the annual FISMA compliance audit for the Department of Veterans Affairs.
- Lead a multidisciplinary team of auditors, IT security professionals, and compliance analysts.
- Develop, implement, and maintain audit methodologies and schedules to ensure timely completion of all FISMA and NIST-related framework assessments and reporting.
- Serve as the primary point of contact between the VA OIG and OIT.
- Review and interpret federal regulations, including NIST guidelines, OMB directives, and other applicable policies.
- Identify, assess, and communicate risks and vulnerabilities in VA information systems, and support mitigation planning.
- Prepare and present audit findings and recommendations to VA OIG and leadership.
- Monitor the implementation of corrective action plans and track progress toward remediation of identified issues.
- Ensure documentation and evidence collection meets federal audit standards and is ready for inspection at all times.
- Provide training and guidance to CLA staff on FISMA requirements and best practices for information security.
Qualifications
- Bachelor's degree in Information Security, Computer Science, Information Technology, Business Administration, or a related field.
- Minimum of five (5) years of experience in IT audit, information security, or compliance, with at least two (2) years in a managerial or team lead role.
- In-depth knowledge of FISMA, NIST Special Publications (especially SP 800-53), and federal information security frameworks.
- Strong leadership, organizational, and project management skills.
- Excellent written and verbal communication skills, with the ability to present complex information clearly to both technical and non-technical audiences.
- Relevant certifications such as CISA, CISSP, CISM, or CRISC are highly desirable.
- Experience working with federal agencies or with the VA is a plus.
- Ability to obtain and maintain a federal tier 4 high-risk public trust background investigation.
- Ability to maintain GAO Yellow Book continuing professional education.
Work Location & Reporting
This position is based in Washington, D.C., with some flexibility for remote work. Occasional travel may be required for site visits and meetings with VA offices nationwide. The Manager reports directly to the principal in charge of the FISMA engagement.
Our Perks
- Flexible PTO (designed to offer flexible time away for you!)
- Up to 12 weeks paid parental leave
- Paid Volunteer Time Off
- Mental health coverage
- Quarterly Wellness stipend
- Fertility benefits
Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities
Wellness at CLA
To support our CLA family members, we focus on their physical, financial, social, and emotional well-being and offer comprehensive benefit options that include health, dental, vision, 401k and much more.