Privacy Risk Assessor II

Description

Job Title: Privacy Risk Assessor II 

Department: Operations – Services 

Reports To: RavenTek Program Manager

Location: Remote 

Schedule: Monday – Friday 

Hours: Full-time, 40-hours/week

FLSA Status: Salary, Exempt

Clearance: Public Trust 

Position Summary

The Privacy Risk Assessor II position will support the U.S. Securities and Exchange Commission (SEC), providing support to the other Units and Offices within the SEC to ensure the success of the program’s mission. The performance of the Privacy Risk Assessor II position is key to RavenTek's performance on the SEC program, and therefore RavenTek’s mission to support the customer.  

Requirements

Essential Duties and Responsibilities

• Review, develop, and maintain privacy compliance documentation, including PTAs, PIAs, and SORNs.
• Develop and update plans and strategies to ensure compliance with applicable privacy laws, regulations, policies, and standards.
• Draft and review privacy disclosure statements to align with current legal requirements.
• Assess federal privacy programs for compliance and maturity against OMB and NIST privacy and security frameworks.
• Develop and maintain standard operating procedures to enhance privacy and cybersecurity initiatives.
• Collaborate with stakeholders across departments and business units to implement privacy programs and align objectives with security policies.
• Monitor evolving information privacy laws and regulations to ensure organizational compliance and adaptation.
• Support privacy program evaluations using governance, risk, and compliance (GRC) tools to track and monitor privacy controls. 
• Enter actual time worked, once complete, at the end of the day, or no later than 10:00 a.m. the following workday, and submit timesheets at the end of each pay period.
• Provide Monthly Status Report (MSR) to RavenTek Program Manager by deadline provided. 
• Enter actual time worked, once complete, at the end of the day, or no later than 10:00 a.m. the following workday, and submit timesheets at the end of each pay period. 
• Monitor and respond to RavenTek email a minimum of 3 times per week.  
• Other duties as assigned. 

Knowledge and Critical Skills

• Excellent verbal and written communication skills and interpersonal skills, including developing collegial relationships with colleagues at all levels. 
• Excellent analytical skills, including attention to detail. 
• Ability to work in a team environment in a positive manner. 
• Ability to maintain a high level of professionalism in a fast-paced work environment. 
• Ability to work both independently and under supervision. 
• Ability to develop plans and strategy in compliance with laws, regulations, policies, and standards, in support of organizational cyber activities.
• Ability to tailor technical and planning information to a customer’s level of understanding.
• Ability to work across departments and business units to implement organization’s privacy principles and programs and align privacy objectives with security objectives.

Education & Work Experience

• Bachelor’s degree in Computer Science, Information Technology, or a related field.
• 5+ years of experience working in a professional environment. 
• 2+ years of experience supporting federal privacy programs.
• Experience with monitoring advancements in information privacy laws to ensure organizational adaptation and compliance.
• Experience with assessing maturity and compliance of privacy programs using different frameworks and standards.
• Experience with implementing privacy requirements from the OMB and NIST.
• Experience with various Governance, Risk, and Compliance tools for monitoring and tracking privacy controls.

Certifications, Licenses

• CIPP/US, CIPP/G, CIPT, CIPM or CDPSE certification is preferred. 

Special Requirements

• Ability to obtain a Public Trust clearance.

Work Environment

Employee will be working indoors in an office environment with other people. Potential moderate temperature fluctuations. Typical indoor and computer related noise level, and typical office, paper, and equipment related dust. Exposure to video display terminals occurs on a regular basis. 

Physical Demands

To successfully perform the essential functions of the job, the employee needs to be able to sit at a workstation for extended periods; use hand(s) to handle or feel objects, tools, or controls; reach with hands and arms; talk and hear; see to read printed materials and computer screens; mobility to work in a typical office setting. Ability to work on desktop or laptop computer for extended periods of time reading, reviewing/analyzing information, and may be required to provide recommendations, summaries and/or reports in written format. Must be able to effectively communicate with others verbally and in writing. Employee must be able to lift and/or move moderate amounts of weight, typically up to 20 pounds. Regular and predictable attendance is essential.

ADA: RavenTek will make reasonable accommodations in compliance with the Americans with Disabilities Act of 1990. 

EEO/AA: RavenTek does not discriminate based on race, color, national origin, sex, religion, age, disability, sexual orientation, gender identity, veteran status, height, weight, or marital status in employment or the provision of services and is an equal access/equal opportunity/affirmative action employer. 

This job description is not intended to be an all-inclusive list of duties and standards of the position and will be reviewed periodically as duties and responsibilities change with business necessity. Essential job functions are subject to modification. Incumbents will follow any other instructions, and perform any other related duties, as assigned by their supervisor.