Job opening: Senior Privacy Engineer
Salary: $98 496 - 172 075 per year
Published at: Nov 03 2023
Employment Type: Full-time
See below for important information regarding this job.
Position will be filled at any of the locations listed below. Site specific salary information as follows:
Battle Creek, MI: $98,496 - $151,308
Columbus, OH: $102,529 - $157,503
Dayton, OH: $101,954 - $156,620
Fort Belvoir, VA: $112,015 - 172,075
New Cumberland, PA: $112,015 - $172,075
Ogden, UT: $98,496 - $151,308
Philadelphia, PA: $108,084 - $166,036
Richmond, VA: $102,622 - $157,646
Duties
Serves as the Senior Privacy Engineer ensuring privacy compliance within the DLA Risk Management Framework (RMF).
Works with DLA ISSMs to ensure evidentiary materials necessary to document both privacy specific, and privacy related, control compliance documentation has been placed into DLA's Enterprise Mission Assurance Support Service (eMASS) application.
Provides direct support for DLA's efforts to ensure that the technical, administrative, and physical safeguard requirements are integrated into the DLA Information Technology life cycle and DLA's implementation of the RMF.
Implements compliance review policies and procedures for DLA information systems and support ongoing authorization practices for privacy and data protection considerations.
Responsible for designating system-specific, hybrid, or common controls and defining which NIST SP 800-53 privacy controls are available for inheritance.
Works with program managers and ISSMs to review information system designs, early in an information system's life cycle, to identify privacy exposures, risks, and propose potential mitigations.
Leads the analysis of privacy design requirements through sound design methodology, efficient privacy control application, and effective configuration practices.
Develops a risk management and compliance framework for privacy at DLA.
Documents DLA applications' privacy design and the implementation of the appropriate Privacy Overlay assigned security and privacy controls to ensure the application protects the confidentiality and integrity of PII.
Prepares a variety of reports for the annual Federal Information Security Modernization Act (FISMA) reporting.
Prepares a variety of reports that include, but are not limited to, audit reports that identify technical and procedural findings, recommended remediation strategies/solutions, and DLA artifacts and documents.
Requirements
- Must be a U.S. citizen
- Tour of Duty: Set Schedule
- Security Requirements: Critical-Sensitive with Top Secret
- Appointment is subject to the completion of a favorable suitability or fitness determination, where reciprocity cannot be applied; unfavorably adjudicated background checks will be grounds for removal.
- Fair Labor Standards Act (FLSA): Exempt
- Selective Service Requirement: Males born after 12-31-59 must be registered or exempt from Selective Service.
- Recruitment Incentives: Not Authorized
- Bargaining Unit Status: Yes
- This position and any future selections from this announcement may be used to fill future vacancies for various shifts located anywhere within DLA Information Operations J6.
Qualifications
To qualify for a Senior Privacy Engineer your resume and supporting documentation must support:
A. Specialized Experience: One year of specialized experience that equipped you with the particular competencies to successfully perform the duties of the position, and is directly in or related to this position. To qualify at the GS- 14 level, applicants must possess one year of specialized experience equivalent to the GS-13 level or equivalent under other pay systems in the Federal service, military, or private sector. To qualify at the GS-13 level, applicants must possess one year of specialized experience equivalent to the GS-12 level or equivalent under other pay systems in the Federal service, military, or private sector. Applicants must meet eligibility requirements including time-in-grade (General Schedule (GS) positions only), time-after-competitive appointment, minimum qualifications, and any other regulatory requirements by the cut- off/closing date of the announcement. Creditable specialized experience includes: (If selected at the GS-13 level, duties will be performed in a developmental capacity).
- GS-14: Conducting privacy engineering compliance activities for several agency systems as part of the System Development Life Cycle (SDLC) process and serves as the technical subject matter expert (SME) for implementing and/or assessing privacy-relevant security control compliance, conducting continuous monitoring of privacy controls, and participating in the ongoing authorization practices for data privacy considerations. Advising the Privacy Program Team on risk levels and privacy posture of the Agency and agency systems and identifies and interprets patterns of noncompliance to determine their impact on levels of risk and/or overall effectiveness of the agency's privacy program.
- GS-13: Demonstrating program/project management functions to organize, analyze, evaluate, and coordinate a variety of services and dissimilar functions and activities into logical and efficient efforts by which a specific, desired result may be achieved. Conducting and implementing security and privacy controls assessments resulting from laws, regulations, instructions, standards, circulars, and other directives to provide authoritative advice on the technical, administrative, and physical safeguard requirements of a Military Service or DoD Component's Privacy program and related
issues.
For all positions individuals must have IT-related experience demonstrating each of the four competencies listed:
1. Attention to Detail - Is thorough when performing work and conscientious about attending to detail.
2. Customer Service - Works with clients and customers (that is, any individuals who use or receive the services or products that your work unit produces, including the general public, individuals who work in the agency, other agencies, or organizations outside the Government) to assess their needs, provide information or assistance, resolve their problems, or satisfy their expectations; knows about available products and services; is committed to providing quality products and services.
3. Oral Communication - Expresses information (f or example, ideas or facts) to individuals or groups
effectively, taking into account the audience and nature of the information (for example, technical, sensitive, controversial); makes clear and convincing oral presentations; listens to others, attends to nonverbal cues, and responds appropriately.
4. Problem Solving - Identifies problems; determines accuracy and relevance of information; uses sound judgment to generate and evaluate alternatives, and to make recommendations.
Experience refers to paid and unpaid experience, including volunteer work done through National Service programs (e.g., Peace Corps, AmeriCorps) and other organizations (e.g., professional, philanthropic, religious, spiritual, community, student, social). Volunteer work helps build critical competencies, knowledge, and skills and can provide valuable training and experience that translates directly to paid employment. You will receive credit for all qualifying experience, including volunteer experience.
Education
Substitution of education may not be used in lieu of specialized experience for this grade level.
Contacts
- Address DLA Information Operations J6
8725 John J Kingman Rd
Ft Belvoir, VA 22060-6221
US
- Name: Crystal Wilborn
- Phone: 717-770-2919
- Email: [email protected]