Summary
This position is located in the Department of Health & Human Services (HHS), Centers for Medicare & Medicaid Services (CMS), Office of Information Technology (OIT), Information Security and Privacy Group (ISPG). As a Privacy Engineer, GS-2210-13, you will design, implement, and maintain privacy-by-design principles and privacy-enhancing technologies across CMS information technology systems, networks, and applications to ensure compliance with federal privacy laws.
Duties
Perform systematic analysis of IT systems, applications, and data flows to identify privacy risks and ensure privacy controls are properly implemented within the framework of Federal Regulations.
Develop and execute strategies for comprehensive privacy engineering and data protection across the enterprise.
Prepare internal and external reports that may include providing audit liaison support to IT operations, such as Federal Information Security Act (FISMA), Chief Financial Officer, Office of Inspector General (OIG), and others as directed.
May serve as a Contracting Officer Representative (COR) and formulate project plans, statements of work (SOW) and budgets in support of privacy engineering and data protection initiatives.
Job Requirements
Qualifications
ALL QUALIFICATION REQUIREMENTS MUST BE MET BY THE CLOSING DATE OF THIS ANNOUNCEMENT. Your resume (limited to no more than 2 pages) must include detailed information as it relates to the responsibilities and specialized experience for this position. Evidence of copying and pasting directly from the vacancy announcement without clearly documenting supplemental information to describe your experience will result in an ineligible rating. This will prevent you from being considered further.
There is a BASIC REQUIREMENT AND MINIMUM QUALIFICATION REQUIREMENT for this position. You must meet both requirements.
BASIC REQUIREMENT: You must have IT-related experience demonstrating each of the four competencies listed:
1) Attention to Detail - Is thorough when performing work and conscientious about attending to detail.
2) Customer Service - Works with clients and customers (that is, any individuals who use or receive the services or products that your work unit produces, including the general public, individuals who work in the agency, other agencies, or organizations outside the Government) to assess their needs, provide information or assistance, resolve their problems, or satisfy their expectations; knows about available products and services; is committed to providing quality products and services.
3) Oral Communication - Expresses information (for example, ideas or facts) to individuals or groups effectively, taking into account the audience and nature of the information (for example, technical, sensitive, controversial); makes clear and convincing oral presentations; listens to others, attends to nonverbal cues, and responds appropriately.
4) Problem Solving - Identifies problems; determines accuracy and relevance of information; uses sound judgment to generate and evaluate alternatives, and to make recommendations.
AND
In order to qualify for the GS-13 grade level, you must meet the following: You must demonstrate in your resume at least one year (52 weeks) of qualifying specialized experience equivalent to the GS-12 grade level in the Federal government, obtained in either the private or public sector, to include:
1. Conducting PIAs (Privacy Impact Assessment), data flow analyses, and privacy control testing per the Privacy Act, HIPAA, FISMA, NIST, and OMB guidance; delivered risk-based recommendations to senior leadership, AND;
2. Applying privacy-by-design principles within the Software Development Life Cycle (SDLC), including architecture reviews and privacy-enhancing technologies (data minimization, anonymization, pseudonymization) to protect PII and PHI, AND;
3. Preparing executive briefings, compliance reports, and audit documentation; supported FISMA and OIG audits; and tracked privacy gap remediation through resolution, AND;
4. Monitoring legislative, regulatory, and technology changes affecting privacy; contributed to incident response planning; and collaborated with federal and private-sector stakeholders to resolve privacy and data protection issues.
Experience refers to paid and unpaid experience, including volunteer work done through National Service programs (e.g., Peace Corps, AmeriCorps) and other organizations (e.g., professional, philanthropic, religious, spiritual, community, student, social). Volunteer work helps build critical competencies, knowledge, and skills, and can provide valuable training and experience that translates directly to paid employment. You will receive credit for all qualifying experience, including volunteer experience.
Click the following link to view the occupational questionnaire: https://apply.usastaffing.gov/ViewQuestionnaire/12947366
Education