Privacy / Security Risk Analyst

  • 2521 S Clark St, Arlington, VA 22202, USA
  • Full-time

Job Description

The Privacy Risk Analyst works under the direction of the Government Privacy Officer to manage the Privacy program and related activities for a large enterprise HR and Payroll ERP system. This position will be considered a subject matter expert for Privacy compliance.

DUTIES AND RESPONSIBILITIES:

  • Applies thorough knowledge of the Privacy Act of 1974, the E-Government Act of 2002, FISMA, OMB guidance, NIST guidance, DOD Directive 5400.11, Army Regulation 25-22 and related laws and regulations to provide a variety of services supporting the program;
  • Assist with preparation of System of Records Notice and Privacy Impact Assessment;
  • Create and maintain an inventory of personally identifiable information (PII) data elements throughout the environment.
  • Review and analyze all requests for changes to the inventory to identify privacy risks;
  • Analyze new or proposed changes to existing technology, interface agreements, and business processes to identify privacy risks and provide possible mitigation strategies;
  • Has knowledge of computer software and hardware support requirements such as access control, encryption software, and anti-virus protection software;
  • Has the ability to analyze, conceptualize and organize in order to identify and evaluate privacy requirements, develop solutions, and organize efforts to implement effective solutions and solve complex problems;
  • Facilitate privacy compliance documentation and process reviews;
  • Draft and edit documentation such as project plans, reports, analyses, and other types of documentation;
  • Document privacy breaches by collecting and recording factual incident data to include interviewing witnesses, collecting physical evidence, and arranging for examination of physical evidence;
  • Collaborate with Cybersecurity team to document cyber breaches involving privacy data;
  • Provide training and support to workforce on Privacy Issues;
  • Develop strategies for the automation, monitoring and auditing of privacy controls for the program;

Qualifications

 

  • Must have a Bachelor s Degree
  • Must have an active Secret Clearance
  • Must have any of the following certificates (CompTIA A+ CE, CCNA-Security, Network+ CE, SSCP, CySA+, GICSP, GSEC, Security+ CE, CASP CE, CCNP Security, CISA, CISSP, GCED, GCIH)
  • 5+ years of federal privacy experience.
  • Strong verbal and written communication skills

Additional Information

  • Job Location: Arlington, VA
  • Job Type: Full-Time
  • Pay: Up to $135K/yr (Depends on Experience)
  • Clearance: Active SECRET clearance