• Subject Matter Expert II - Privacy Program Support

    Job Location
    VA-Crystal City
    # of Openings
    Security Clearance
    Active Secret
    Percentage of Travel Required
    10% or less
    Regular Full-Time
  • Overview

    Support the customer by combining privacy and legal skills with subject matter expertise and industry experience to create practical, pragmatic, and innovative privacy and data security solutions that work in an operational environment. Meet or exceed the qualifications specified by the client regarding privacy compliance requirements.


    • Ensure that the privacy program’s mission is fully integrated into the organization's efforts to protect and secure PII
    • Coordinate and facilitate tasks to ensure compliance with Federal privacy laws and regulations, such as the Privacy Act of 1974, as amended, the E-Government Act of 2002, and Office of Management and Budget memoranda and circulars
    • Assist the Senior Agency Official for Privacy (SAOP)/Chief Privacy Officer (CPO) in complying with regulatory requirements such as annual privacy training, privacy risk management and compliance, FISMA requirements and reporting, supporting Exhibit 300 reviews, support for internal and external data calls, and responding to customer service requests
    • Provide privacy training to Agency personnel, including initial New Employee Orientation (NEO) and on-boarding, annual, and role-based training, with updates and content development as necessary
    • Manage the Privacy Office e-mailbox to include tracking, filing, tasking assignments, and responding to correspondence
    • Maintain and update the internal and external Privacy website pages
    • Support Privacy functions to include all system of record processes such as PTAs, PIAs, Privacy Act Statements, Privacy Policy Notices, SORNs, Forms Reviews, ODPAs, Routine Uses, etc.
    • Assist in the completion of privacy documentation
    • Manage data calls, audit responses, teleconferences on behalf of the CPO in meetings, and serve as technical SME for response to inquiries
    • Manage, monitor and remediate suspected or confirmed Personally Identifiable Information (PII) breaches and provide executive level briefings of incident and remediation
    • Prepare status reports and briefings
    • Remediate audit findings
    • Support reviews of, and update as necessary, website Privacy policies, ADS 508 Privacy Program Policy, Privacy Program SOPs, and all required plans to include the Agency’s Incident Response plan, PII Holdings plan, all training plans, and Social Security Number (SSN) Reduction plan
    • Provide the CISO with Privacy program metrics and related information required to meet the organization’s FISMA SAOP privacy reporting requirements to include the agency’s Incident Response plan, PII Holdings plan, all training plans, and SSN Reduction plan



    • Education:
      • Bachelor’s degree
    • Required Knowledge/Experience:
      • Experience with Privacy Impact Assessments/PIAs
      • Knowledge and experience with NIST Risk Management Framework required
      • 5+ years of working experience in privacy / security related field
      • CIPP/G certification
      • Experience and Competency with:
        • Privacy Programs (PII)
        • Privacy Risk Assessment (PRA) Agency’s processes
        • CSAM (or similar tool, e.g. TAF, Archer, Xacta, etc.)
        • Security Authorization and Assessment (SA&A)
        • Tenable Security Center
        • Strong understanding and demonstrated experience applying a risk-based approach to information security and IT assessments
        • Incident Management solutions
        • eDiscovery/Forensic Management solutions
        • Governance & Risk Management & Compliance Support
      • Ability to work in a fast-paced, demanding environment
      • Excellent organizational skills and strong attention to detail
      • Ability to prioritize duties based on shifting demands
      • Strong analytical and problem-solving skills
      • Excellent verbal and written communication skills
    • Preferred Knowledge/Experience:
      • College degree in Information Security or relevant field
      • Security+, SANS, ISC2, or other relevant certification
      • CIPP preferred

    Other Responsibilities

    • Perform other tasks consistent with the goals and objectives of the department/contract
    • Perform other duties as assigned by Sr Program Manager


    Invest in a company that invests in you! Copper River provides its employees with ample opportunities for career growth and development. Tuition reimbursement is offered to help employees further their education and skillset. Other perks include Open Leave, 401k matching with immediate vesting, Medical, Vision, and Dental coverage.


    EEO/AA Employer Minorities/Females/Vets/Disability


    Disclaimer: The above statements are intended to describe the general nature and level of work performed by employees assigned to this classification. They are not intended to be construed as an exhaustive list of all responsibilities, duties and skills required of personnel so classified.

