Privacy, Policy, Governance Analyst

job summary:

Seeking an experienced contractor to design, develop, and help stand up a comprehensive privacy program. The contractor will be responsible for developing, documenting, and, as feasible, implementing or operationalizing, privacy program policies and plans to enhance privacy governance, compliance, and risk management practices for the agency, that can later inform enterprise recommendations for all executive branch agencies.

This role presents an exciting opportunity for an experienced privacy professional to establish a best-in-class privacy program for a government agency. Interested contractors should submit a resume highlighting relevant experience in privacy program development, particularly with respect to creating processes and communicating with varied stakeholders.

location: Madison, Wisconsin

job type: Contract

salary: $50 - 52 per hour

work hours: 8am to 5pm

education: Bachelors



responsibilities:

Policy & Governance Framework Development:

Establish privacy procedures tailored to the agency's operations. Establish a privacy governance structure, including roles and responsibilities. Define key performance indicators (KPIs) for privacy program success.

Regulatory Compliance & Risk Management:

Create processes to ensure compliance with federal, state, and local privacy laws and regulations. Create processes for Privacy Threshold Assessments (PTAs) and Privacy Impact Assessments (PIAs). Identify systems that process personally identifiable information (PII) and other regulated data, and identify key stakeholders associated with those systems per NIST Risk Management Frameworks ( e.g., system owner, authorizing official, etc.).

Training & Awareness:

Create privacy communication materials, best practice guidelines, and training. Develop/recommend best practices to foster a culture of privacy compliance within the agency.

Incident Response & Data Breach Management:

Along with Chief Information Security Officer (CISO) and legal counsel, develop privacy mandates within existing incident response plans. Along with CISO and legal counsel, establish procedures for reporting and remediating privacy incidents.

Vendor & Third-Party Risk Management:

Along with legal counsel, conduct privacy assessments of key vendors and partners. Along with legal counsel, recommend strategies to standardize contracting and data sharing agreements (DSAs) and/or templatize appropriate data protection and privacy clauses within contracts.

Privacy Technology & Automation:

Assess and recommend privacy-enhancing technologies (PETs) and automation tools. Support integration of data/privacy tools and controls into agency IT systems, including the governance, risk, and compliance (GRC) platform. Collaborate with IT and security teams to embed privacy by design principles into all aspects of the system development lifecycle (SDLC).

qualifications:

- Excellent communication skills and the ability to engage with stakeholders at all levels, translating complex technical and legal ideas to business stakeholders and decision-makers.

- 8+ years of demonstrated experience in privacy program process development and implementation.

- 8+ years of experience with NIST Risk Management Frameworks (e.g., NIST RMF, NIST PF, NIST CSF).

Well Qualified Applicant Qualifications & Competencies:

- Knowledge of privacy laws and regulations (e.g., GDPR, CCPA, HIPAA).

- Experience conducting privacy impact assessments and developing privacy processes.

- Strong project management skills.

- Ability to execute strategic privacy initiatives independently, with general/minimal oversight.

- Expertise in risk management, data governance, and compliance frameworks.

- Professional certifications such as Certified Information Privacy Professional (CIPP), Certified Information Privacy Manager (CIPM), Certified Information Privacy Technologist (CIPT) or similar preferred.

Equal Opportunity Employer: Race, Color, Religion, Sex, Sexual Orientation, Gender Identity, National Origin, Age, Genetic Information, Disability, Protected Veteran Status, or any other legally protected group status.

At Randstad Digital, we welcome people of all abilities and want to ensure that our hiring and interview process meets the needs of all applicants. If you require a reasonable accommodation to make your application or interview experience a great one, please contact

Pay offered to a successful candidate will be based on several factors including the candidate's education, work experience, work location, specific job duties, certifications, etc. In addition, Randstad Digital offers a comprehensive benefits package, including: medical, prescription, dental, vision, AD&D, and life insurance offerings, short-term disability, and a 401K plan (all benefits are based on eligibility).

This posting is open for thirty (30) days.