W2 Business AnalystConsultant IV (Privacy program process development, NIST RMF) RemoteLocal
Share
Job Location:
Madison, OH - USA
Monthly Salary:
Not Disclosed
Posted on:
3 hours ago
Vacancies:
1 Vacancy
Job Summary
Description:
Excellent communication skills and the ability to engage with stakeholders at all levels translating complex technical and legal ideas to business stakeholders and decision-makers. (8-10 years)
Demonstrated experience in privacy program process development and implementation. (8-10 years)
Strong knowledge of privacy laws and regulations (e.g. GDPR CCPA HIPAA) and NIST Risk Management Frameworks (e.g. NIST RMF NIST PF NIST CSF). (8-10 years)
Expertise in risk management data governance and compliance frameworks.
Experience conducting privacy impact assessments and developing privacy processes.
Strong project management skills with the ability to execute strategic privacy initiatives.
Additional details: Interested contractors should submit a resume highlighting relevant experience in privacy program development particularly with respect to creating processes and communicating with varied stakeholders.
Overview:
Seeking an experienced contractor to design develop and help stand up a comprehensive
privacy program at the Wisconsin Department of Administration. The contractor will be
responsible for developing documenting and as feasible implementing or operationalizing
privacy program policies and plans to enhance privacy governance compliance and risk
management practices for the agency that can later inform enterprise recommendations for all
executive branch agencies.
Scope of Work: Along with legal counsel and others the contractor will perform the following
tasks:
3. Training & Awareness:
Create privacy communication materials best practice guidelines and training.
Develop/recommend best practices to foster a culture of privacy compliance within
the agency.
4. Incident Response & Data Breach Management:
Along with Chief Information Security Officer (CISO) and legal counsel develop
privacy mandates within existing incident response plans.
Along with CISO and legal counsel establish procedures for reporting and
remediating privacy incidents.
5. Vendor & Third-Party Risk Management:
Along with legal counsel conduct privacy assessments of key vendors and
partners.
Along with legal counsel recommend strategies to standardize contracting and
data sharing agreements (DSAs) and/or templatize appropriate data protection
and privacy clauses within contracts.
6. Privacy Technology & Automation:
Assess and recommend privacy-enhancing technologies (PETs) and automation
tools.
Support integration of data/privacy tools and controls into agency IT systems
including the governance risk and compliance (GRC) platform.
Collaborate with IT and security teams to embed privacy by design principles into
all aspects of the system development lifecycle (SDLC).
This role presents an exciting opportunity for an experienced privacy professional to establish a
best-in-class privacy program for a government agency. Interested contractors should submit a
resume highlighting relevant experience in privacy program development particularly with respect
to creating processes and communicating with varied stakeholders.
The client is looking for one (1) Business Analyst/Consultant IV
Will close to submissions on 3/19/26 4:00PM CST.
Top Required Skills & Years of Experience:
Excellent communication skills and the ability to engage with stakeholders at all levels translating complex technical and legal ideas to business stakeholders and decision-makers. (8-10 years)
Demonstrated experience in privacy program process development and implementation. (8-10 years)
Strong knowledge of privacy laws and regulations (e.g. GDPR CCPA HIPAA) and NIST Risk Management Frameworks (e.g. NIST RMF NIST PF NIST CSF). (8-10 years)
Nice to Have Skills:
Expertise in risk management data governance and compliance frameworks.
Experience conducting privacy impact assessments and developing privacy processes.
Strong project management skills with the ability to execute strategic privacy initiatives.
Interview Process: virtual via Teams. Please make sure candidates are able to interview ASAP and have open availability to avoid reschedule requests or delays.
Duration of the Contract: until 6/30/26 with extension likely. Initial contract term is 6-9 months.
Onsite or Remote Must be CURRENT WI residents. No relocation allowed. Primarily remote with 1 day PER MONTH onsite at Madison office.
Project details (project overview who the contractor will work with soft skills needed etc.):
This is a joint initiative between DOAs Division of Legal Services and DOAs Division of Enterprise Technology. The contractor will report to DOAs Lead Privacy Counsel with dotted line reporting responsibilities to the State of Wisconsin Chief Information Officer (CIO) Chief Information Security Officer (CISO) Chief Technology Officer (CTO) and DOAs Data Manager. The contractor will be responsible for developing documenting and as feasible implementing or operationalizing privacy program policies and plans to enhance privacy governance compliance and risk management practices for the agency that can later inform enterprise recommendations for all executive branch agencies.
This is a joint initiative between DOAs Division of Legal Services and DOAs Division of Enterprise Technology. The contractor will report to DOAs Lead Privacy Counsel with dotted line reporting responsibilities to the State of Wisconsin Chief Information Officer (CIO) Chief Information Security Officer (CISO) Chief Technology Officer (CTO) and DOAs Data Manager. The contractor will be responsible for developing documenting and as feasible implementing or operationalizing privacy program policies and plans to enhance privacy governance compliance and risk management practices for the agency that can later inform enterprise recommendations for all executive branch agencies.
Additional details: Interested contractors should submit a resume highlighting relevant experience in privacy program development particularly with respect to creating processes and communicating with varied stakeholders.
Overview:
Seeking an experienced contractor to design develop and help stand up a comprehensive
privacy program at the Wisconsin Department of Administration. The contractor will be
responsible for developing documenting and as feasible implementing or operationalizing
privacy program policies and plans to enhance privacy governance compliance and risk
management practices for the agency that can later inform enterprise recommendations for all
executive branch agencies.
Scope of Work: Along with legal counsel and others the contractor will perform the following
tasks:
1. Policy & Governance Framework Development:
Establish privacy procedures tailored to the agencys operations.
o Establish a privacy governance structure including roles and responsibilities.
o Define key performance indicators (KPIs) for privacy program success.
Establish privacy procedures tailored to the agencys operations.
o Establish a privacy governance structure including roles and responsibilities.
o Define key performance indicators (KPIs) for privacy program success.
2. Regulatory Compliance & Risk Management:
Create processes to ensure compliance with federal state and local privacy laws
and regulations.
Create processes for Privacy Threshold Assessments (PTAS) and Privacy Impact
Assessments (PIAs).
Identify systems that process personally identifiable information (PII) and other
regulated data and identify key stakeholders associated with those systems per
NIST Risk Management Frameworks (e.g. system owner authorizing official
etc.).
Create processes to ensure compliance with federal state and local privacy laws
and regulations.
Create processes for Privacy Threshold Assessments (PTAS) and Privacy Impact
Assessments (PIAs).
Identify systems that process personally identifiable information (PII) and other
regulated data and identify key stakeholders associated with those systems per
NIST Risk Management Frameworks (e.g. system owner authorizing official
etc.).
3. Training & Awareness:
Create privacy communication materials best practice guidelines and training.
Develop/recommend best practices to foster a culture of privacy compliance within
the agency.
4. Incident Response & Data Breach Management:
Along with Chief Information Security Officer (CISO) and legal counsel develop
privacy mandates within existing incident response plans.
Along with CISO and legal counsel establish procedures for reporting and
remediating privacy incidents.
5. Vendor & Third-Party Risk Management:
Along with legal counsel conduct privacy assessments of key vendors and
partners.
Along with legal counsel recommend strategies to standardize contracting and
data sharing agreements (DSAs) and/or templatize appropriate data protection
and privacy clauses within contracts.
6. Privacy Technology & Automation:
Assess and recommend privacy-enhancing technologies (PETs) and automation
tools.
Support integration of data/privacy tools and controls into agency IT systems
including the governance risk and compliance (GRC) platform.
Collaborate with IT and security teams to embed privacy by design principles into
all aspects of the system development lifecycle (SDLC).
Well Qualified Applicant Qualifications & Competencies:
- Knowledge of privacy laws and regulations (e.g. GDPR CCPA HIPAA).
- Experience conducting privacy impact assessments and developing privacy processes.
- Strong project management skills.
- Ability to execute strategic privacy initiatives independently with general/minimal oversight.
- Expertise in risk management data governance and compliance frameworks.
- Professional certifications such as Certified Information Privacy Professional (CIPP) Certified Information Privacy Manager (CIPM) Certified Information Privacy Technologist (CIPT) or similar preferred.
Contract Duration:
Initial contract term: 6-9 months.
Initial contract term: 6-9 months.
Reporting Structure:
This is a joint initiative between DOAs Division of Legal Services and DOAs Division of
Enterprise Technology. The contractor will report to DOAs Lead Privacy Counsel with
dotted line reporting responsibilities to the State of Wisconsin Chief Information Officer
(CIO) Chief Information Security Officer (CISO) Chief Technology Officer (CTO) and
DOAs Data Manager.
This is a joint initiative between DOAs Division of Legal Services and DOAs Division of
Enterprise Technology. The contractor will report to DOAs Lead Privacy Counsel with
dotted line reporting responsibilities to the State of Wisconsin Chief Information Officer
(CIO) Chief Information Security Officer (CISO) Chief Technology Officer (CTO) and
DOAs Data Manager.
This role presents an exciting opportunity for an experienced privacy professional to establish a
best-in-class privacy program for a government agency. Interested contractors should submit a
resume highlighting relevant experience in privacy program development particularly with respect
to creating processes and communicating with varied stakeholders.
Pay rate: $/hr on W2.
Key Skills
- Six Sigma
- Continuous Improvement
- Lean
- Lean Six Sigma
- Process Improvement
- Business Analysis
- Visio
- Business Process Modeling
- Process Mapping
- Business requirements
- Process Management
- Sharepoint
