Privacy Specialist, Grant Thornton, Washington, DC

Grant Thornton is seeking a privacy analyst practitioner with at least 2 years of experience in the Federal, State and/or Local Public Sector environments. Grant Thornton is expanding its Cybersecurity and Privacy practice as this area has been a hot topic within the Federal government with the Office of Management and Budget's (OMB) High Value Asset program where data was identified as a key asset at 100% of Federal agencies and OMB reported that Federal data is not well protected. Grant Thornton is striving to stay ahead of the latest evolving cybersecurity threat landscape with an established, national privacy practice embedded within the larger cybersecurity practice. Because of the ongoing threat of data breaches, privacy is becoming a key component of NIST's (National Institute of Standards and Technology) Cybersecurity Framework, Risk Management Framework and NIST Special Publications (SP) 800-53.

Primary Responsibilities:

  • Supporting privacy program development, maintenance activities, and documentation packages for federal and government clients
  • Ability to conduct privacy program assessments using frameworks such as NIST Special Publication (SP) 800-53 Rev. 4
  • Consulting with and assisting clients on federal government privacy processes and requirements including
    • Privacy Impact Assessments (PIAs)
    • Privacy Risk Assessments
    • System of Records Notice (SORN)
    • Privacy Incident Response Plans
    • Complaint management
    • Training and awareness programs
  • Creation of privacy plans to include content and development of control implementation description responses
  • Creation of evidence and artifact repositories for privacy tracking to applicable privacy controls
  • Collaboration with other privacy analysts, engineers, architects, and security architects for adjustments to design/build activities to meet privacy controls and standards for internal privacy and federal government compliance requirements
    • Participation in proposal development as a Privacy Specialist
    • Participation in client projects, branding, and professional organizations as a Privacy Specialist

Preferred Certification: CIPP/US

  • Must be able to clearly articulate information to leadership, clients, and stakeholders
  • Must have an understanding of government privacy systems, the Privacy Act of 1974, HIPPA and other privacy laws, standards, policies and requirements
  • Should be familiar with FISMA and an understanding of the NIST SPs and Federal Information Processing Standards (FIPS) series
  • Experience with OneTrust preferred, but not required

Application Submission Information: brad.mccoy@gt.com.