Halfaker and Associates, an award-winning high growth small business, creates innovative and customer-centric technology solutions in the areas of Cyber Security, Data Analytics, Software Engineering and IT Infrastructure to improve the health, security and well-being of all Americans. Our commitment to excellence and our vision to “Continue to Serve” has resulted in steady growth and an expanding client base across government agencies in the health, defense, security and intelligence sectors. Our strong focus on internal culture has helped Halfaker achieve several workplace awards including Great Place to Work Certification™ and Tampa Bay Top Workplaces. Headquartered in Arlington, VA, we have employees nationwide. Please take a moment to browse through our website and learn more about what it means to serve with Halfaker.
Halfaker has an opening for a PRINCIPAL INFORMATION SECURITY ANALYST (PRIVACY EXPERT) to join our talented, dynamic team. The key responsibilities for this position include:
- Design and Implement a Privacy Center of Excellence (COE) that incorporates best practices in the areas of Privacy services such as data privacy, training, processes
- Work to align advanced technologies and Privacy by Design principles with the IT, from the first stages of development and ensure that the data use meets established regulatory compliance needs
- Establish and/or support establishment of a Privacy Management Program
- Identify and recommend improvements to the Privacy Management Program and implement any changes approved by FSC management
- Support implementation of Privacy policies and procedures mandated by VA or federal regulation
- Analyze, design developing technical solutions and systems to help mitigate privacy vulnerabilities and prevent potential future privacy risks
- Support the establishment of privacy-focused operations
- Monitor compliance with all Privacy policies and procedures
- Identify, document, and address Privacy issues or violations in the Privacy Issues and Violation Report
- Implement and support a Continuous Privacy Risk Assessment methodology to ensure the FSC Privacy posture meets compliance with privacy regulations and policies in these areas
- Identify and recommend privacy controls and tools with the goal of strengthening the FSC posture in this area to protect data
- Responsible for defining milestones, briefing software vendors, success criteria, resource allocation and project managing successful on-time delivery of new privacy requirements and features
- Establish with VA management and Operations a mechanism to track access and authorizations to protected health information (PHI), personally identifiable information (PII), sensitive data such as tax payer identification number and credit card data, to allow approved individuals to review or receive a report on such activity and ensure compliance
- Guide the development of new privacy products and features based on VA objectives set by Privacy and Legal
Required Skills
- Outstanding program management with ability to manage multiple, cross-functional projects simultaneously
- Excellent analytical and problem-solving skills
- Ability to balance risks in ambiguous and complex situations
- Demonstrated teamwork and collaboration skills, in leading or contributing to multi-functional teams
- Highly motivated to contribute and grow within a complex area of emerging importance
- Experience or understanding of software applications design tools and languages
- Excellent communication skills (verbal and written), ability to influence
- Demonstrated working knowledge of software engineering fundamentals
- National Institute of Standards and Technology (NIST) Special Publication (SP) 800-37 Revision 2 as a guideline for establishing the Security and Privacy Management program
- Health Insurance Portability and Accountability Act (HIPAA)
- Health Information Technology for Economics and Clinical Health Act (HITECH)
- NIST 800-53 Privacy Section
Required Experience
- Bachelor's in Computer Science or related field
- 4 years of additional relevant experience may be substituted for education
- 10+ years of knowledge and experience in Privacy Management, Data Protection or Digital Information Governance
Halfaker and Associates, LLC, is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/ Affirmative Action Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. U.S. Citizenship is required for most positions.