We are seeking a motivated and customer-oriented professional to support our CDC client.
Duties And Responsibilities Include
The Privacy Analyst is responsible for supporting enhanced privacy awareness and compliance within the organization. This role involves conducting information system and third-party website content reviews, performing IT system privacy impact assessments (PIAs), and ensuring adherence to privacy compliance requirements. The Privacy Analyst will play a crucial role in developing privacy training materials, facilitating tabletop exercises, and maintaining privacy-related databases and tracking tools.
- Privacy Content Development and Training:
- Research and recommend updates to guidance and compliance documents, including Privacy Standard Operating Procedures (SOPs).
- Develop content for Personally Identifiable Information (PII) Handler/Role-Based Privacy Training and facilitate annual tabletop exercises.
- Educational and Awareness Initiatives:
- Prepare and post educational and awareness content on the Privacy internet and intranet websites.
- Draft privacy awareness presentation materials and coordinate the distribution of privacy awareness information.
- Strategic Goals and Project Planning:
- Review and analyze Privacy Unit strategic goals, including training, policies, procedures, and controls, based on guidance from HHS, OMB, NIST, and others.
- Develop project plans to meet privacy-specific initiatives.
- Privacy Impact Assessments and Incident Review:
- Review, analyze, and assess Privacy Impact Assessments (PIAs) and Privacy Threshold Analyses (PTAs) for completeness and accuracy.
- Document discrepancies or concerns related to the processing of these artifacts.
- Review and assess PII incidents, maintain a database to track incident types, and recommend areas for enhanced training.
- Database and Tracking Tool Development:
- Consult and lead the development of databases and tracking tools to enhance the efficiency and effectiveness of Privacy Unit responsibilities.
- Ensure requests for Privacy Act records are logged accurately within 24 business hours.
- Request Validation and Response:
- Thoroughly review the validity of all requests for records within eight business hours of receipt to ensure compliance with the Privacy Act and HHS regulations.
- Review responsive records for accuracy and draft responses to requestors, subject to review and clearance by the Privacy Program manager.
Required Qualifications
- Must hold a current CDPSE, IAPP CIPP or CIPT certification.
Desired Qualifications
- Cybersecurity Certifications (CISSP, CISM, etc.).
Education Requirement: Bachelor's degree in Information Technology, Cybersecurity, or similar.
Clearance Requirement: Ability to obtain and maintain a Public Trust.
Why Join Gunnison?
- Gunnison takes on ambitious projects. We target fun, challenging work that requires creative thinking and innovation.
- Quality is our top priority.
- Gunnison employee benefits meet or exceed what other companies in the Washington, D.C. metropolitan area offer.
- There is a great sense of camaraderie at Gunnison. This is an atmosphere we will maintain as we continue to grow.
- We are growing rapidly and the opportunity for individual professional growth with Gunnison is outstanding.
- We hire for careers at Gunnison, not to fill a position.
Employee Benefits
Gunnison employee benefits meet or beat other companies in the Washington, D.C. metropolitan area, including:
- Bonuses AND profit-sharing
- 401k Matching
- Certifications and training allowance $2,500/year
- 3 weeks of personal leave your first year (160 hours can roll over every year)
- 5 days of Flex-Time-Off per year
Equal Opportunity/Affirmative Action Employer. Must be eligible for employment in the United States. We are unable to sponsor candidates at this time.
In 1994 Gunnison Consulting Group began serving the greater Washington, D.C. metro area, focused on tackling our customers' most ambitious technology projects.
By creating a culture dedicated to enabling our customers and employees to achieve more than they ever thought they could, the company has thrived for over 25 years.