Senior Privacy Technical Advisor/SME

DSA Inc.
United States, Virginia, Fairfax
10300 Eaton Pl Ste 500 (Show on map)
Nov 10, 2024
Data Systems Analysts, Inc. (DSA) is a leading Information Technology and Management Consulting firm, delivering solutions to Federal, State and Local Government and commercial industry. We are best known for Knowledge & Information Management, Energy Management & Environmental Sustainability, Enterprise Systems Development & Operations and Cyber Security and Information Assurance. With offices in the DC Metropolitan Area and across the nation, we serve Fortune 500 decision makers and Federal, State and local government agencies throughout the U.S. Location is Hybrid: Allows the candidate the ability to work onsite at DSA or customer site with potential for telework. Work Location flexible with telework as approved. Job Description: DSA is seeking a qualified Senior Privacy Technical Advisor. The ideal candidate will report directly to the Program Manager and have strong leadership skills and the ability to lead teams, tasks and projects of 5+ junior, mid, and senior level resources with limited supervision. The Senior Privacy Technical Advisor will serve as the subject matter expert on the government Agency's National Privacy Program. The National Privacy Program oversees privacy policies, procedures, practices, standards, guidance, and implementation activities in accordance with the Privacy Act and other federal requirements and directives. The selected candidate will advise the Agency Privacy Officer (APO) and the Agency National Privacy Program manager to develop and maintain strategic plans, policies, procedures, and guidance to ensure the adequate protection of privacy information and to ensure compliance with federal privacy laws and regulations (e.g. Privacy Act of 1974, as amended (5 U.S.C. 552a), E-government Act of 2002 (Public Law 107-347), Freedom of Information Act of 1966, as amended (5 U.S.C 552), and Homeland Security Act of 2002, as amended (6 U.S.C. 552)). This resource will work with the Chief Privacy Officer (CPO) and the Senior Agency Official for Privacy (SAOP) to develop key goals and objectives for the program. The candidate will also advise senior management (e.g., Chief Information Officer (CIO) and Chief Information Security Officer (CISO)) on privacy-related risks and impacts on mission delivery. The Senior Privacy Technical Advisor will help the APO set priorities for the national program, including planning, organizing, and directing studies, surveys, special projects, and workgroups. The candidate will develop technical, policy, and provide management advice to the Agency's SAOP and CPO and to other Agency officials. The candidate works with managers and staff across the Agency and externally with oversight agencies and other federal partners on Agency and national privacy initiatives. Primary Responsibilities: Ensure the Agency complies with Privacy laws, statutes, policies, and regulatory documents to safeguard Personally Identifiable Information (PII). Ensure Agency Stakeholders address Privacy requirements, as outlined in published directives and are implemented with accurate information. Assuring that the use of technologies sustains and do not erode, privacy protections relating to the use, collection, and disclosure of personal information. Assuring that personal information contained in Privacy Act systems of records is handled in full compliance with fair information practices as set out in the Privacy Act of 1974. Evaluating legislative and regulatory proposals involving collection, use, and disclosure of personal information by the Federal Government. Conducting a privacy impact assessment of proposed rules of the Department or that of the Department on the privacy of personal information, including the type of personal information collected and the number of people affected. Preparing a report to OMB and Congress on an annual basis on activities of the Agency that affect privacy, including complaints of privacy violations, implementation of the Privacy Act of 1974, internal controls, and other matters. Manage ongoing privacy compliance activities with an eye towards creating process efficiencies wherever possible. Help define, update, maintain, and enhance privacy compliance program requirements Support privacy compliance reviews and oversee remediation activities across the Agency. Support the monitoring of system/process development for privacy compliance. Provide subject matter expertise insight on a variety of privacy-related programs, initiatives, and workflows (e.g., notices, assessments, third-party requirements, incident management, etc.) Understand how privacy technologies can serve as an enabler for privacy program operations and assist with deployment of privacy-enhancing technologies. Enhance the National Privacy Program to improve governance and readiness for product, operations, and data-driven business models through policy, standard, and guidance creation and revision. Support periodic review of applicable privacy policies in light of changes to laws, rules, regulations, and organizational policies. Monitor and evaluate evolving laws, rules, regulations, and guidance to help maintain compliance and strategic alignment. Collect customer satisfaction and internal service performance feedback to foster continual improvement. Minimum Qualifications: US Citizenship. Bachelor's Degree and minimum eight (8) years of experience developing and implementing Privacy policy for a federal organization. Advanced Privacy certifications e.g., Certified Information Privacy Professional (CIPP), Certified Information Privacy Technologist (CIPT), Certified Information Privacy Manager (CIPM) or equivalent. Experience working for a U.S. federal government Agency or contractor. Demonstrated experience assessing risk and advising on organizational controls. Compliance or auditing experience also advantageous. Skill in applying government privacy laws, regulations, principles and policies to assignments involving the release of information to the public. Skill in conducting analyses of legislation and regulations to determine impact on program operations. Knowledge of the Freedom of Information Act and the Privacy Act. Knowledge of Federal and Agency records management systems, regulations, principles and polices. Ability to work with limited supervision and meet multiple project milestones and deadlines as required by the client. Excellent written and oral communication skills including delivery of client-ready work products and the ability to communicate complex technical issues to senior stakeholders and non-technical staff. Experience working with Federal Information Security Modernization Act (FISMA) requirements and NIST guidelines, including NIST SP 800-53 Demonstrated ability to prioritize and manage competing work assignments in a time sensitive environment. Keen attention to detail and the ability to solve problems using best practives and systematic approach. Preferred Tool Experience CDM Dashboard SharePoint Qlik Sense Governance, Risk and Compliance (GRC) Tools e.g. Telos Xacta IA Manager or similar like CSAM, RSA Archer, etc. Many of DSA's positions require the ability to obtain a security clearance. Security clearances may only be granted to U.S. citizens. In addition, applicants who accept a conditional offer of employment may be subject to government security investigation(s) and must meet eligibility requirements for access to classified information. DSA is proud to be an Affirmative Action/Equal Opportunity Employer. DSA is committed to treating all employees and applicants for employment with respect and dignity and maintaining a workplace that is free from unlawful discrimination. All applicants will be considered for employment without regard to race, color, religion, age, national origin, ancestry, ethnicity, gender (including pregnancy, childbirth, breastfeeding or other related medical conditions), gender identity, gender expression, sexual orientation, marital status, veteran status, disability, genetic information, citizenship status, characteristic or membership in any other group protected by federal, state or local laws. DSA requires background checks , where permitted , by law. DSA is an E-Verify Employer.