Job Title: Business Analyst (Privacy/Compliance)
Job Function: Business Analyst (Privacy/Compliance)
Job Type: Contract
Location: Hybrid role- 3 days onsite and 2 days remote in Crystal City, VA*** Must be US Citizen with Active Secret ClearanceScope of Job:Our client, a well-known government contractor, is seeking a Business Analyst (Privacy/Compliance) who will contribute to the tracking, interpretation of guidance, and coordination of the agency's IT-related task(s). This includes Privacy Program coordination, IT Security Coordination meetings and facilitation, and IT self-inspection activities.
Responsibilities:- Provide support to the PM's and/or System Owners to complete an Initial Privacy Assessment (IPA), Privacy Impact Assessment (PIA), Plan of Action & Milestones (POAMs), and System of Records Notices (SORNs), or any other documentation required to satisfy the agency's Cybersecurity and Privacy compliance requirements.
- Track all system Authority to Operate (ATO) decisions, IPAs, PIAs, POAMs, SORNs that are being developed and have been approved.
- Provide on-going support of the privacy documentation status sheet in order to track status.
- Provide support for on-going agency system inventory as it pertains to privacy concerns.
- Provide support to coordinate and facilitate quarterly review meetings to ensure systems risks identified and monitored at this level.
- Prepare all meeting materials such as but not limited to, agenda's, meeting minutes, actions, copies of the IPAs, PIAs, POAMs, SORNs and reports to be used during the discussion.
- Provide support to client throughout the year by tracking and maintaining IPAs, PIAs, POAMs, SORNs. This includes working with program offices to ensure that IPAs, PIAs, POAMs, SORNs are being completed and assisting stakeholders with outstanding issues.
- Utilize the internal systems, which the agency uses to track IPAs, PIAs, POAMs, SORNs.
- Provide technical support to include technical advice on security requirements for highly specialized application(s), technical report preparation, or other services as required.
- Design, prepare and deliver IT security related presentations; review and provide written comments on IT security related artifacts to include but not limited to: IT Security directives, policies, guidelines, plans, and procedures; briefings in response to internal and external cybersecurity data calls; and IT security related requests.
- Coordinate and facilitate regular security coordination meetings, as required.
- Have knowledge of the following IT Frameworks, Methodologies and Federal Policies:
- Privacy Act of 1974
- The E-Government Act of 2001
- OMB Circular A-130 Appendix I and II
- National Institute of Standards and Technology (NIST) Cyber Security Framework
- NIST Special Publication 800-53 / Revision 5
- Personally Identifiable Information (PII)
- Privacy Controls / Security Controls
- Privacy Status Reporting
- Privacy Compliance standards, methods, and artifacts
- Risk Management Framework (RMF)
- Federal Information Security Management Act of 2002 (FISMA)
Tools:- MS Office Suite (Outlook, Word, Excel, PowerPoint, Visio)
- MS SharePoint
- MS Power BI
- Cyber Security Assessment & Management (CSAM)
- ServiceNow
General Skills:- Providing Weekly and Monthly Status Reporting
- Providing meeting support (facilitate meetings, prepare agenda, prepare project briefings, present to the stakeholders, document and distribute meeting minutes, and track actions)
- Flexibility is a must, as well as the ability to work in a collaborative team environment.
- Exceptional organizational skills with the ability to coordinate multiple work streams, multi-task, and work well under tight deadlines.
Required Qualifications:
- Bachelor's Degree (BS/BA in Computer Science, Information Systems, Engineering, Business, Physical Science, or other technology) or equivalency.
- 6-8 years of relevant experience
- Must have a minimum of Secret Clearance
Equal Opportunity Statement:RCM is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.
DisclaimerThis job description is intended to describe the general nature and the level of the work being performed by the people assigned to this position. It is not intended to include every job duty and responsibility specific to the position. RCM reserves the right to amend and change responsibilities to meet business and organizational needs as necessary.
Please call or e-mail Vince Girardi RCM if you're qualified and interested in this position: 973-658-3155 - vince,girardi@rcmt.com
#Monster •
Last updated on Sep 29, 2023