Privacy Analyst

CVP is seeking a Privacy Analyst to execute and support the implementation of a successful Cybersecurity program.

Responsibilities

Assist in the management of privacy and security-related policies.

Assist with compliance risk management activities – such as developing auditing, monitoring, and oversight processes related to identified risks.

Assist with interpreting and implementing policy initiatives.

Assist with responses to data calls and audits.

Collaborate and interface with project stakeholders, including end users, organizational offices, and implementation partners on privacy-related matters.

Collect and maintain data needed to meet organizational privacy reporting.

Conduct scheduled, ad hoc, and special reviews and assessments of privacy programs and efforts to ensure compliance with appropriate, laws, regulations, and policy standards and requirements.

Create required Privacy documentation in support of the security authorization process.

Develop and maintain procedural, technical, and training support documents for the Privacy documentation review processes.

Develop and maintain a tracking system for various types of documentation related to compliance with relevant privacy and electronic standards promulgated under the Health Insurance Portability and Accountability Act (HIPAA), federal and state (as applicable) laws, and agreements the organization may have with other parties.

Develop and present briefings on project status to organization leadership.

Develop and update the organization’s Privacy Policy handbook based on guidance from the Chief Privacy Officer, Office of Management & Budget (OMB) memoranda, NIST guidance documents, and US-CERT requirements.

Efficiently track and investigate privacy matters.

Ensure systematic compliance audits are undertaken and findings are reported and acted upon.

Interpret patterns of noncompliance to determine their impact on levels of risk and/or overall effectiveness of the organization’s privacy program.

Investigate issues, perform a root cause analysis and risk assessment, and make recommendations regarding mitigating and corrective actions.

Liaison with all key organizational areas, in particular any development teams, to ensure data privacy issues are considered at the outset of new projects, products and initiatives.

Prepare reports, related analyses, and other summaries related to the impact of new and existing compliance requirements, with recommendations to assist management in ensuring compliance and improving internal controls.

Provide PII Incident response expertise and management support to the Privacy Office in cooperation with the Security Operations Center (SOC).

Recognize a possible security violation and take appropriate action to report the incident, as required.

Recommend and implement changes to PIA/PTA process templates, processes, training, and support material based on periodic federal guidance changes.

Respond to requests for guidance and information on compliance requirements including the internal process for conflict-of-interest reporting, analysis, and management and document retention and destruction policies.

Review and track Privacy Impact Assessments (PIA) and Privacy Threshold Analysis (PTA) documents to completion in accordance with current standard operating procedures (SOP).

Supervise or manage protective or corrective measures when a privacy-related incident or vulnerability is discovered.

Support the reviews of current Privacy Plans and assess how the plans must be updated to align with the organization’s and OCIO’s strategic plans and the cybersecurity framework.

Qualifications

4-year college degree in Computer Science or related field and 2 years’ experience or 5 years’ experience in lieu of a college degree.

Familiarity with SORNs, Privacy Impact Assessments (PIA) and Privacy Threshold Analysis (PTA)

Experience demonstrating strong analytical, troubleshooting and problem-solving skills for cybersecurity.

Excellent communication skills, both written and oral.

Knowledge of NIST and FISMA guidelines.

Ability to analyze privacy requirements and implementation within the organization.

Demonstrate knowledge of data privacy, data handling and data classification.

Experience working in the Government or other highly regulated environment.

Experience working with Personally Identifiable Information (PII) and Protected Health Information (PHI).

Familiarity with NIST and OMB guidance materials as they relate to privacy data.

Familiarity with the Privacy Rule (HIPAA) or other state and federal privacy laws and regulations.

General understanding of The Clinger-Cohen Act, state and federal guidelines regarding privacy, and concepts of Government privacy laws/standards.

Knowledge of Personally Identifiable Information (PII) data security standards.

Strong attention to detail.

Display excellent customer service skills.

Desired Skills

Certified Information Privacy Professional (CIPP).

Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).

Experience in planning, analyzing, and coordinating activities and establishing priorities.

About CVP

CVP is an award-winning healthcare and next-gen technology and consulting services firm solving critical problems for healthcare, national security, and public sector clients. We help organizations achieve lasting transformation and build a healthy, safe, and equitable world—a future we call What’s Next.

What do we do? We do work that matters like advancing mental and behavioral health, streamlining immigration, and improving access and outcomes for underserved populations including Veterans, people experiencing homelessness, and rural American residents.

How do we do it? Our team of industry experts deliver integrated, innovative solutions in Healthcare Research & Technology, Digital Transformation, Data Science, Cybersecurity, Marketing Communications & Change Management, and Strategy & Transformation.

Why do we do it? Our core values define the CVP culture, guide our decisions, and enable our client-focused mission. We’re relentlessly focused on making a difference and building What’s Next for our clients and their customers.

We believe diversity, equity, and inclusion are essential components of our individual and collective success, and our commitment to hiring and supporting Veterans has earned us three HIRE Vets gold medallions. Join us to start or advance your career with a mission-focused firm transforming healthcare, enhancing security, and making government work better.

Customer Value Partners, LLC is a VEVRAA Federal Contractor and an Affirmative Action and Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, protected veteran status, or disability. Customer Value Partners seeks to provide employment opportunities for protected veterans and individuals with disabilities.

Regular Full-Time