Previous Job
Previous
Security- Privacy Compliance Consultant/Specialist
Ref No.: 18-04474
Location: Washington, District of Columbia
Position Type:Contract to Hire
Sr. Privacy Compliance Consultant/Specialist
Washington, DC

MUST:
Sr. Privacy Compliance Consultant/Specialist
10+ years of experience
Manage the privacy compliance and risk management work for component systems to be performed with the goal of timely, efficiently and effectively completing privacy-related work
Perform privacy impact assessments (PIAs) and provide PII data security and monitoring, migration strategies, and System Privacy Plans
Support personnel in implementing new or strengthened controls; review documentation related to the "certification and accreditation” (C&A) or "authority to operate” (ATO) processes
Identify potential vulnerabilities to cyber and information security using penetration testing and red teams.
Cyber Security Certifications: CISSP and CIPP/G
Masters


DUTIES:

Follow the prioritization of work to be performed, as needed for each IT system, or new or modified IT system, in collaboration with personnel and component privacy teams: review the documented privacy plan created in accordance with Department's Security and Privacy Assessment and Authorization Handbook (SPA&A)
Assess the effectiveness of privacy controls outlined in the privacy plan; when controls should be improved to further mitigate risks, propose new or strengthened controls
Make recommendations concerning privacy compliance, risks and mitigation measures, and whether they should approve C&A or ATO from a privacy perspective
Addressing the full range of notable privacy risks, including risks in the PII being collected, how the PII may be used and disclosed, system interconnections, security measures to safeguard the PII, and retention and disposal, and describing measures taken through IT system design and development to mitigate privacy risks
Ensure that privacy is addressed throughout the life cycle of each information system and incorporate Federal privacy requirements into the enterprise architecture to ensure that risk is addressed, and information systems achieve the necessary levels of trustworthiness, protection, and resilience



*Quadrant, Inc. is an equal opportunity and affirmative action employer. Quadrant is committed to administering all employment and personnel actions on the basis of merit and free of discrimination based on race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, or status as an individual with a disability. Consistent with this commitment, we are dedicated to the employment and advancement of qualified minorities, women, individuals with disabilities, protected veterans, persons of all ethnic backgrounds and religions according to their abilities.