Summary
As a Government Information Specialist (Privacy Program Manager & Enterprise Risk Management Analyst) with OPM, you will serve as the agency's senior technical authority for privacy compliance and enterprise privacy risk management, providing expert guidance to leadership on complex, sensitive, and high-visibility privacy issues and ensuring consistent application of privacy requirements across OPM programs, systems, and technologies.
Duties
Provide senior-level technical leadership for the development, implementation, and continuous improvement of OPM's privacy program. Interpret and apply federal privacy statutes, OMB guidance, and government-wide policy to agency programs, systems, records, and emerging technologies. Direct and coordinate agency-wide implementation of privacy policies and procedures to ensure consistent and defensible compliance. Advise senior leadership on complex privacy matters, including oversight inquiries, risk assessments, and initiatives involving new technologies. Lead or contribute to privacy impact assessments, systems of records notices, and enterprise-level privacy risk reviews. Conduct quality assurance and risk reviews of privacy activities and recommend corrective actions to address systemic issues. Develop and deliver privacy training and provide expert technical assistance to program officials and stakeholders. Support Enterprise Risk Management (ERM) program activities including the management of the Risk Management Council.
Job Requirements
Must be a U.S. Citizen or National Males born after 12-31-59 must be registered for Selective Service Suitable for Federal employment, determined by a background investigation May be required to successfully complete a probationary period Candidates will not be hired based on their race, sex, color, religion, or national origin Complete the initial online assessment and USAHire Assessment, if required This position is not eligible for inclusion in a bargaining unit
Qualifications
Applicants must have one year of specialized experience equivalent to the GS-14 level in the federal service (or equivalent) that includes all of the following: Leading or overseeing enterprise privacy incident and data breach response, including implementation of breach response plans, coordination with cybersecurity, legal, and senior leadership, and ensuring timely reporting, mitigation, and corrective actions; Analyzing enterprise-level patterns and trends in privacy incidents, compliance deficiencies, or control failures to identify systemic risk and developing or enforcing corrective actions across programs, systems, or external partners; Assessing and managing privacy risks associated with contractors, vendors, or third-party systems, including oversight of incident reporting, remediation, and corrective actions related to external services or environments; and Leading the development or implementation of agency-wide privacy governance, policy, or risk documentation that integrates privacy, emerging technology risks such as artificial intelligence, and records management considerations into enterprise risk management or compliance decisions. Applicants must meet applicable time-in-grade requirements to be considered eligible. One year at the GS-14 level is required to meet the time-in-grade requirements for the GS-15 level. You must meet all qualification and eligibility requirements by the closing date of this announcement. Experience refers to paid and unpaid experience, including volunteer work done through National Service programs (e.g., Peace Corps, AmeriCorps) and other organizations (e.g., professional; philanthropic; religious; spiritual; community, student, social). Volunteer work helps build critical competencies, knowledge, and skills and can provide valuable training and experience that translates directly to paid employment. You will receive credit for all qualifying experience, including volunteer experience.
Education