Privacy Lead/ Certified Information Privacy Professional (CIPP/G)

Direct Permanent Hire

Partial Remote/Washington DC

Onsite 2-3 days per week

Clearance: Must be U.S. Citizen / Public Trust

$120k Plus benefits Package

Privacy - Lead:

• Possess the abilities, knowledge, skills, tasks, and capabilities described in the Work Roles for Security Control Assessors (SP-RSK-002) and Privacy Officers/Privacy Compliance Managers (OV-LGA-002) outlined in the Attachment J-2, NICE Work Role Framework.

• 8-10 years of experience in Privacy, Policy, and Data Governs and certification in Certified Information Security Manager (CISM) and Certified Information Privacy Professional/Government (CIPP/G);

• Hold the Certified Information Privacy Professional (CIPP/G) for Government certification in order to assist the USCB with its compliance and risk mitigation practices.

• Bachelor’s Degree is Required

  The scope will include the following task areas and objectives:

• Prepare documents such as Privacy Impact Assessments (PIAs), System of Records Notices (SORNs), Privacy-related policies and directives, Privacy Act Statements, Privacy Notices, or privacy-related documents and ensure they meet Bureau standards prior to publication.

• Support the privacy continuous monitoring strategy by conducting regularly scheduled reviews of PIAs and SORNs, policies, program plans, and other privacy documents, as required.

• Assist with implementation of National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53, Rev. 5 (Rev 5) controls, to include developing new or revised policies, procedures, and other privacy artifacts to align with the Rev 5 controls and additional supplemental guidance, as necessary.

• Conduct privacy analysis on the application of Rev 5 controls to provide privacy artifacts for submission into the Security Implementation Plan as part of the authority to operate (ATO) for IT systems and review other related artifacts.

• Provide support in the creation and maintenance of privacy policies, directives, standard operating procedures (SOPs), and other documentation relevant to the operations of the Privacy Program to ensure they are up-to-date and address existing and/or new requirements, standards, audits, or assessment findings, or best practices.

• Provide privacy analysis on Bureau policies to identify and address privacy implications.

• Review and provide recommendations on pertinent developments in federal privacy policy to determine impacts to the Bureau and the Privacy Program.

• Develop and maintain a Privacy Program dashboard and tracker to document, monitor, manage, and provide metrics on ongoing projects, initiatives, and tasks to ensure projects are on track and deadlines are met. Generate periodic status reports on ongoing efforts.

• Organize and maintain office records and documentation.

• Provide support on privacy initiatives or requirements and perform privacy analysis on research studies and projects, information technology systems and applications, data intakes, and other critical business operations to identify privacy implications or risks and propose mitigation strategies. This includes, but is not limited to work on breaches, audits, rulemakings, data disclosure, analysis of structured and unstructured data sets, etc., and other tasks as necessary.

  Subject Matter Expert III - A minimum of 3 years of demonstrable experience working in federal privacy compliance and operations and a bachelor’s degree.

  Demonstrated experience should include a researching, coordinating, and developing narrative style privacy compliance documentation such as Privacy Impact Assessments (PIAs), System of Records Notices (SORNs), Privacy-related policies and directives, Privacy Act Statements, and Privacy Notices, implementing NIST National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53, Rev. 5 (Rev 5); analyzing privacy risk and providing recommendations related to the disclosure of data, structured and unstructured data sets, disclosure techniques, similar existing data releases, and risk profiles.

System One, and its subsidiaries including Joulé, ALTA IT Services, CM Access, TPGS, and MOUNTAIN, LTD., are leaders in delivering workforce solutions and integrated services across North America. We help clients get work done more efficiently and economically, without compromising quality. System One not only serves as a valued partner for our clients, but we offer eligible full-time employees health and welfare benefits coverage options including medical, dental, vision, spending accounts, life insurance, voluntary plans, as well as participation in a 401(k) plan.

System One is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, age, national origin, disability, family care or medical leave status, genetic information, veteran status, marital status, or any other characteristic protected by applicable federal, state, or local law.