Privacy Compliance Lead

Role Overview: The Privacy Compliance Lead will lead the development, implementation, and maintenance of a comprehensive information technology privacy program for the Department of Veterans Affairs (VA). The Lead will coordinate the analysis of existing policy, legislation, business processes, procedures, applications, systems of records notices, computer matching agreements, and general operations to evaluate VA compliance to applicable privacy requirements, and then develop recommendations and strategies for improvement. The Lead will conduct risk assessments and manage and resolve privacy issues. They will also ensure that privacy considerations and protections are comprehensively integrated into VA programs, policies, and procedures.

Responsibilities:

• Serve as the technical expert on the Federal Privacy Act of 1974, privacy compliance laws and regulations, and provide direction to stakeholders on complex issues
• Ensure contract deliverables have gone through proper quality reviews and are submitted on time
• Oversee support staff in daily activities, identify workload and assign tasks
• Provide key contributions to the implementation of Privacy Act requirements to include the System of Records Notice (SORN) and Computer Matching Agreement (CMA) programs
• Develop, write and implement privacy policies, procedures and controls at an enterprise level
• Execute privacy risk management activities in accordance with enterprise policy
• Assist in the operational day-to-day responsibilities of implementing a privacy program, including reviewing SORNs and CMAs packages and maintaining internal privacy-related notices, policies, guidelines, standards, and processes
• Conduct and manage risk analyses and assessments, and resolve privacy issues
• Monitor and respond to privacy related inquiries
• Partner cross-functionally across the organization to ensure all products, offerings and practices comply with privacy and compliance requirements
• Prepare training material related to SORN processing
• Prepare reports for submittal to the Office of Management and Budget (OMB)
• Collaborate with the privacy impact assessment (PIA) team and communicate any changes to SORNs so PIAs can be updated accordingly
• Manage resources pages on Intranet sites that contain privacy information
• Write standard operating procedures and other documents, as directed

• Experience in IT Privacy, Risk and Compliance
• Knowledge of OMB Circular A-108
• Detailed knowledge and familiarity with security and privacy discipline
• Ability to identify key concepts, factors and risks based on conversations and document these in clear and concise narrative or graphic reports

Professional Certification(s):

N/A

Formal Education:

Bachelor’s Degree

Years of Professional Experience:

8 years’ experience with a bachelor’s degree

12 years’ experience without a bachelor’s degree

• Experience working as a contractor or an employee for the Department of Veterans Affairs (VA)
• Experience with processing SORNs and CMAs
• Experience in business process mapping, identifying business requirements/needs and creating initiatives based off of those requirements/needs
• Experience in conducting audits of policy and compliance to standards, including liaison with internal and external auditors
• Experience working in a consulting environment and understanding of client/customer relations

Professional Certification(s):

Certified Information Privacy Professional (CIPP), Certified Information Privacy Technologist (CIPT), or other related certifications

Formal Education:

Bachelor’s Degree

Years of Professional Experience:

10 years’ experience with a bachelor’s degree

15 years’ experience without a bachelor’s degree

• Ability to develop high-quality written documents, as well as PowerPoint presentations
• MS Visio & MS Project experience is a plus

• Ability to perform the essential job functions consistent safely and successfully with the ADA, FMLA and other federal, state and local standards, including meeting qualitative and/or quantitative productivity standards
• Ability to maintain regular, punctual attendance consistent with the ADA, FMLA and other federal, state, and local standards
• Must be able to talk, listen and speak clearly on telephone
• Ability to work productively, conduct professional business, and be available during normal business hours in a fully remote work environment