HHS - Sr. Privacy Analyst

About The Position

Requirements

• Bachelor’s degree in Privacy, Law, Cybersecurity, Information Systems, Public Policy, or related field.
• Minimum 8–10 years of experience supporting federal privacy programs.
• Expert knowledge of the Privacy Act of 1974, E-Government Act, and OMB Circular A-130.
• Hands-on experience leading PTAs, PIAs, and enterprise privacy assessments.
• Experience supporting privacy incident response and breach risk assessments.
• Knowledge of NIST SP 800-53 privacy controls and integration with RMF.
• Strong written and verbal communication skills with executive-level experience.
• Ability a Public Trust clearance.

Nice To Haves

• Active CIPP/US, CIPM, CISSP, or CISM (preferred)

Responsibilities

• Lead development, review, and maintenance of Privacy Threshold Analyses (PTAs) and Privacy Impact Assessments (PIAs).
• Provide expert guidance on the Privacy Act of 1974, E-Government Act, OMB Circular A-130, and HHS privacy policies.
• Advise system owners, ISSOs, and program managers on privacy risk identification and mitigation strategies.
• Integrate privacy requirements into the RMF lifecycle and Security Control Assessment (SCA) activities.
• Support HRSA Privacy Act Officer and senior leadership on privacy governance and compliance matters.
• Analyze privacy implications of new technologies, cloud services, data sharing initiatives, and system changes.
• Respond to and manage privacy incidents, including breach analysis and risk-of-harm assessments.
• Develop and update privacy policies, procedures, SOPs, and governance documentation.
• Lead and support privacy audits, data calls, and responses to oversight bodies.
• Develop and deliver privacy awareness and role-based training across HRSA.
• Prepare executive briefings, reports, and metrics on privacy posture and compliance status.
• Mentor junior privacy analysts and support continuous improvement of HRSA privacy processes.