Benefits:
- 401(k)
- Dental insurance
- Health insurance
- Paid time off
Location: - 600-700 Army Navy Drive in Arlington, VA
Hybrid: 3 days onsite, 2 days remote.
Salary/Rate: $120k w/benefits, or $75/hr (1099 or C2C)
Clearance: Min. Secret level
Privacy/Compliance Specialist
Contribute to the tracking, interpretation of guidance, and coordination of the agency’s IT related task(s). This includes Privacy Program coordination, IT Security Coordination meetings and facilitation, and IT self-inspection activities.
Responsibilities:
- Provide support to the PM’s and/or System Owners to complete an Initial Privacy Assessment (IPA), Privacy Impact Assessment (PIA), Plan of Action & Milestones (POAMs), and System of Records Notices (SORNs), or any other documentation required to satisfy the agency’s Cybersecurity and Privacy compliance requirements
- Track all system Authority to Operate (ATO) decisions, IPAs, PIAs, POAMs, SORNs that are being developed and have been approved
- Provide on-going support of the privacy documentation status sheet in order to track status
Provide support for on-going agency system inventory as it pertains to privacy concerns
Provide support to coordinate and facilitate quarterly review meetings to ensure systems risks identified and monitored at this level
- Prepare all meeting materials such as but not limited to, agenda’s, meeting minutes, actions, copies of the IPAs, PIAs, POAMs, SORNs and reports to be used during the discussion
- Provide support to client throughout the year by tracking and maintaining IPAs, PIAs, POAMs, SORNs. This includes working with program offices to ensure that IPAs, PIAs, POAMs, SORNs are being completed and assisting stakeholders with outstanding issues
- Utilize the internal systems, which the agency uses to track IPAs, PIAs, POAMs, SORNs
Provide technical support to include technical advice on security requirements for highly specialized application(s), technical report preparation, or other services as required
- Design, prepare and deliver IT security related presentations; review and provide written comments on IT security related artifacts to include but not limited to: IT Security directives, policies, guidelines, plans, and procedures; briefings in response to internal and external cybersecurity data calls; and IT security related requests
- Coordinate and facilitate regular security coordination meetings, as required
Have knowledge of the following IT Frameworks, Methodologies and Federal Policies:
Privacy Act of 1974
The E-Government Act of 2001
OMB Circular A-130 Appendix I and II
National Institute of Standards and Technology (NIST) Cyber Security Framework
NIST Special Publication 800-53 / Revision 5
Personally Identifiable Information (PII)
Privacy Controls / Security Controls
Privacy Status Reporting
Privacy Compliance standards, methods, and artifacts
Risk Management Framework (RMF)
Federal Information Security Management Act of 2002 – (FISMA)
Tools
MS Office Suite (Outlook, Word, Excel, PowerPoint, Visio)
MS SharePoint
MS Power BI
Cyber Security Assessment & Management (CSAM)
ServiceNow
General Skills
Providing Weekly and Monthly Status Reporting
Providing meeting support (facilitate meetings, prepare agenda, prepare project briefings, present to the stakeholders, document and distribute meeting minutes, and track actions)
Flexibility is a must, as well as the ability to work in a collaborative team environment.
Exceptional organizational skills with the ability to coordinate multiple work streams, multi-task, and work well under tight deadlines.
Required Qualifications
Bachelor’s Degree (BS/BA in Computer Science, Information Systems, Engineering, Business, Physical Science, or other technology) or equivalency.
6-8 years of relevant experience
Must have a minimum of Secret Clearance
Flexible work from home options available.