[Remote] HHS - Privacy SME/Privacy Analyst

Note: The job is a remote job and is open to candidates in USA. cFocus Software seeks a Privacy SME/Privacy Analyst to join our program supporting the Department of Health and Human Services (HHS). The role involves providing privacy policy guidance, developing and maintaining privacy assessments, and ensuring compliance with privacy regulations. Responsibilities • Advise and provide privacy policy guidance to the COR, HRSA leadership, system owners, ISSOs, and program staff • Review and analyze new and existing HHS, OMB, and federal privacy policies and assess impacts to HRSA systems and programs • Support development, review, and maintenance of Privacy Impact Assessments (PIAs) and Privacy Threshold Analyses (PTAs) • Coordinate with ISSOs and system owners to identify privacy risks and ensure appropriate mitigation strategies • Support the HRSA Privacy Act Officer in ensuring compliance with Privacy Act requirements and regulations • Develop, update, and maintain HRSA privacy policies, procedures, plans, and governance documentation • Plan, develop, and conduct privacy awareness and role-based training; develop templates and guidance materials • Educate HRSA Offices and Bureaus on proper handling, safeguarding, and dissemination of Personally Identifiable Information (PII) • Respond to privacy incidents and conduct risk-of-harm assessments in coordination with SOC, legal, and leadership • Assess privacy controls as part of the Security Control Assessment (SCA) and RMF processes • Maintain awareness of emerging privacy risks, technologies, and regulatory changes • Prepare privacy-related briefings, reports, and documentation for leadership, auditors, and oversight bodies • Participate in meetings, working groups, and data calls related to privacy management activities Skills • Bachelor's degree in Privacy, Law, Cybersecurity, Information Systems, Public Policy, or related field • Minimum 5–8 years of experience supporting federal privacy programs • Demonstrated experience with Privacy Act of 1974, E-Government Act, and OMB Circular A-130 • Hands-on experience developing and reviewing PTAs, PIAs, and privacy governance documentation • Knowledge of NIST SP 800-53 privacy controls and integration with RMF processes • Experience supporting privacy incident response and breach risk assessments • Strong written and verbal communication skills with ability to translate complex requirements • Ability to obtain a Public Trust clearance • CIPP/US, CIPM, CISSP, or CISM certification Company Overview • cFocus Software automates FedRAMP compliance and develops government chatbots for the Azure Government Cloud, Office 365, and SharePoint. It was founded in 2006, and is headquartered in Largo, Florida, USA, with a workforce of 11-50 employees. Its website is Apply tot his job