Cyber Security Policy Officer
Description:
Job Description
East Tennessee Facility is seeking a Cyber Security Privacy Officer to join their growing team. This is an onsite contact position that can go as long at 18+ months. Ideal candidates must be able to obtain a federal security clearance. No Corp-to Corp.
Responsibilities below.
Support the Privacy Officer and work closely with mission and support organizations in monitoring compliance with the Privacy Program and advancing data governance, stewardship, and risk mitigation as related to privacy concerns represented by both emerging efforts as well as legacy data sets throughout the Laboratory.
Conduct activities related to the development, implementation, maintenance of, and adherence to policies and procedures (particularly related to personally identifiable information) in compliance with federal and state laws.
Monitor compliance environment and aide in motivating changes to client's privacy program including ensuring continuous adherence to the privacy program's requirements.
Collaborate with key customers and peers in advancing privacy awareness, driving continuous program improvement, and maturing the capability to better meet and support client's goals and objectives.
Maintain an internal review and reporting mechanism for intended (new or changed) personal data processing activities.
Work with internal organizations to support data governance including an inventory of all privacy data, where it resides, any compliance gaps/risks, and protections in place to mitigate risk.
Coordinate client's role in the Department of Energy privacy impact assessment process, in close collaboration with partners and subject matter experts.
Remain conversant with pertinent state and federal privacy laws. Advance regulatory and contractual compliance by participating in assigned working groups.
Ensure client maintains the appropriate privacy and confidentiality consent procedures, authorization forms, and information notices.
Work with procurement, vendor management and the legal department to ensure that third-party suppliers' contracts and operating-level agreements meet privacy requirements.
Assist Privacy Officer in coordinating client's response to privacy-related incidents. Maintain documentation of compliance activities, such as complaints received or investigation outcomes.