Sr. Privacy Analyst

Job Description:
The ideal candidate will report directly to the program manager and have strong information privacy compliance skills and the ability to lead tasks with limited supervision. The Senior Privacy Analyst will be part of a federal National Privacy Program (NPP), which is responsible for implementing and maintaining agency level privacy policies, procedures, standards, and guidelines. The Privacy Analyst will support compliance with the Agency's Privacy Program; assessing Privacy Threshold Analysis questionnaires, reviewing, and approving Privacy Impact Assessments (PIAs); coordinating the publication of System of Record Notices (SORNs) with program offices; maintaining the official privacy act files, the Agency Federal Information System Registry, and providing and training or training opportunities for all key privacy personnel.

Primary Responsibilities:

• Provide subject matter expertise on privacy and data protection to help incorporate privacy-by-design into processes, critical projects and initiatives.
• Review PTA questionnaires used to determine if an information technology system contains PII, whether a PIA is required, whether a SORN is required, and if any other privacy requirements apply to the system.
• Evaluate PIA to ensure conformance with applicable legal, regulatory, and policy requirements for privacy; determine the risks and effects; and evaluate protections and alternative processes to mitigate potential privacy risks.
• Lead and coordinate privacy data calls across the Agency.
• Assist with the evaluation of NIST SP 800-53 Privacy controls which will be used to safeguard and secure PIA in Agency systems operating in the information environment.
• Maintain the Federal Information System (FIS) Registry for Privacy.
• Train Agency Liaison Privacy Official (LPOs) and other stakeholders, as required, on Privacy matters, topics, trends and issues relating to PTAs and PIAs.
• Ensure that the Agency is complying with Privacy laws, statutes, policies, and regulatory documents to safeguard PII and that Agency Stakeholders are addressing Privacy requirements, as outlined in published directives and are implemented with accurate information.
• Keep abreast of current developments in privacy laws, regulations and industry standards.
• Collect customer satisfaction and internal service performance feedback to foster continual improvement.

Minimum Qualifications:

• USCitizenship.
• Bachelor's Degree and minimum seven (7) + years of experience in a privacy, data protection, and/or information security compliance role.
• Experience working for a U.S. federal government Agency or contractor.
• Demonstrated experience assessing risk and advising on organizational controls. Compliance or auditing experience also advantageous.
• Skill in applying government privacy laws, regulations, principles and policies to assignments involving the release of information to the public.
• Skill in conducting analyses of legislation and regulations to determine impact on program operations.
• Knowledge of the Freedom of Information Act and the Privacy Act.
• Knowledge of Federal and Agency records management systems, regulations, principles and polices.
• Ability to work with limited supervision and meet multiple project milestones and deadlines as required by the client.
• Excellent written and oral communication skills including delivery of client-ready work products and the ability to communicate complex technical issues to senior stakeholders and non-technical staff.
• Experience working with Federal Information Security Modernization Act (FISMA) requirements and NIST guidelines, including NIST SP 800-53.
• Demonstrated ability to prioritize and manage competing work assignments in a time sensitive environment.
• Keen attention to detail and the ability to solve problems using best practices and systematic approach .

Preferred Tool Experience

• Governance, Risk and Compliance (GRC) Tools e.g., Telos Xacta IA Manager or similar like CSAM, RSA Archer, etc.
• CDM Dashboard
• SharePoint
• Qlik Sense