Privacy Impact Assessment SME - Cyber
Washington, DC

Job Description

Description

Every day at Perspecta, we enable hundreds of thousands of people to take on our nation's most important work.

We're a company founded on a diverse set of capabilities and skills, bound together by a single promise: we never stop solving our nation's most complex challenges. Our team of engineers, analysts, developers, investigators, integrators and architects work tirelessly to create innovative solutions. We continually push ourselves-to respond, to adapt, to go further. To look ahead to the changing landscape and develop new and innovative ways to serve our customers.

Perspecta works with U.S. government customers in defense, intelligence, civilian, health care, and state and local markets. Our high-caliber employees are rewarded in many ways-not only through competitive salaries and benefits packages, but the opportunity to create a meaningful impact in jobs and on projects that matter.

Perspecta's talented and robust workforce-14,000 strong-stands ready to welcome you to the team. Let's make an impact together.

Perspecta has an immediate need for a Privacy Impact SME - Cyber in Washington, DC

This role will provide PIA support from tracking of incoming PIAs, training, forecasting, reviewing, and final signing and posting of PIA submissions. The successful candidate will provide ongoing development and implementation of the end to end PIA workflow and reporting capability. PIA support includes, but is not limited to:

PIA Tracking and Reporting:As requested by client, develop weekly, monthly, quarterly, yearly analyses and reports to reveal ongoing PIA related completion rates, patterns, trends, risks, targeted training needs, remediation opportunities and related metrics.PIA Review Support: As needed, provide PIA review support to client; reviewing and communicating PIA deficiencies to PIA author/system owners.Work with client reviewers to coordinate, request and review deficiencies and provide recommendations to mitigate.Strengthen PIA Process for client (workflow, monitoring, reporting, processing, etc.). As requested, provide PIA lifecycle management support from initial review, stakeholder/system owner engagement to final signing by the Senior Agency Official for Privacy or delegate.

Extensive experience in a leadership role with an emphasis on the implementation of privacy and information security program functions in a healthcare setting, as typically acquired during 8 to 10 years in a similar role

* Past experience as a Privacy Officer is highly preferred


* Extensive experience conducting efficient and regular risk assessments, and auditing and monitoring activities


* Demonstrated professional experience managing a privacy or information security program in an integrated healthcare delivery system


* Extensive experience in risk management best practices


* In-depth working knowledge of current privacy and information security regulations and other pertinent and applicable state and federal regulations related to Protected Health Information and other confidential data sets.


* Through knowledge of current hardware, software and database technologies used for privacy and information security risk management in a healthcare system


* Understanding of risk management from a technology perspective


* Working knowledge of management of an effective privacy and information security program, including training, monitoring, conducting and documenting investigations, addressing violations, and monitoring corrective actions


* Extensive knowledge of government agency work plans and regulatory changes related to the privacy or information security of health information


* Expert knowledge of theories, principles and practices of strategic planning, program evaluation and improvement, and budget development and analysis


Project management skills, including the ability to initiate, plan, execute, and control activities to meet requirements and timelines of regional and system-wide initiatives or projects that are frequently driven by new or changing regulations

Qualifications

* Minimum of a bachelor's degree or equivalent experience plus at least 8 years work experience in privacy, information security policy, information management or a directly related field.


* Experience supporting Federal information security or privacy programs


* Extensive experience in data or information policy, preferably in financial services regulation, compliance or a non-profit environment.


* Expert understanding of privacy and data security policies and operations.


* Deep understanding of the Privacy Act and related requirements such as HIPAA


* Understanding of information security controls as expressed in NIST publications


* Understanding of sensitive data (e.g. PII) protection approaches and countermeasures


* Experience with all of the following: project plans, schedules, resource plans, budgets, WBS, program plans, POA&Ms, roadmaps


* Experience managing and conducting privacy impact assessments and/or data minimization efforts a plus.


* Strong interpersonal and leadership skills.


* Demonstrated communication, management, negotiation, decision-making and collaboration skills.


* CIPP or related certification desired


* Demonstrated ability for attention to detail



EEO Tagline: Perspecta is an AA/EEO Employer - Minorities/Women/Veterans/Disabled and other protected categories