Gov Info Specialist SME -Privacy Senior (Lead)

Koniag Government Services, LLCWashington, DC
$165,000 - $190,872Onsite

About The Position

Koniag Data Solutions, LLC, a Koniag Government Services company, is seeking an experienced Government Information Specialist SME – Privacy Senior Lead to support the U.S. Small Business Administration (SBA). The ideal candidate is a highly skilled federal privacy professional with extensive expertise in government information management, privacy program leadership, and the application of federal privacy law and policy within a complex federal agency environment. This individual will serve as the senior subject matter expert (SME) for all privacy-related activities supporting the SBA, providing authoritative guidance, strategic leadership, and hands-on program management to ensure the agency's information handling practices, systems, and policies fully comply with applicable federal privacy statutes, regulations, and OMB directives. The Government Information Specialist SME – Privacy Senior Lead will serve as the authoritative privacy expert and program lead responsible for directing and managing all aspects of SBA's privacy program, ensuring the agency's compliance with federal privacy laws, regulations, and policies while fostering a culture of privacy awareness and accountability across the organization.

Requirements

  • Bachelor's degree in Information Management, Law, Public Administration, Cybersecurity, Information Technology, or a related field from an accredited college or university.
  • 10+ years of progressive experience in federal privacy program management, government information management, or a closely related field, with at least 5 years in a senior lead or SME role.
  • Demonstrated extensive experience managing federal agency privacy programs, including direct experience with PIAs, SORNs, PTAs, and Privacy Act compliance within a federal civilian agency environment.
  • In-depth knowledge and demonstrated application of federal privacy laws, regulations, and guidance, including the Privacy Act of 1974, E-Government Act of 2002, OMB Circular A-130, and applicable OMB privacy memoranda and directives.
  • Certified Information Privacy Professional/Government (CIPP/G)
  • Certified Information Privacy Manager (CIPM)
  • Certified Information Privacy Technologist (CIPT)
  • Certified Information Systems Security Professional (CISSP)
  • Fellow of Information Privacy (FIP)
  • Exceptional communication skills in English – both written and oral – with the ability to clearly and persuasively communicate complex privacy law, policy, and program management concepts to diverse audiences, including technical staff, program managers, senior agency leadership, legal counsel, OMB, and congressional oversight bodies.
  • Authoritative expertise in federal privacy law, regulation, and policy, including the Privacy Act of 1974, the E-Government Act of 2002, OMB Circular A-130, and all applicable OMB privacy memoranda, directives, and guidance documents.
  • Deep experience developing, reviewing, and maintaining the full suite of federal privacy program documentation, including PIAs, SORNs, PTAs, privacy policies, privacy program plans, and computer matching agreements.
  • Expert-level proficiency in applying NIST privacy frameworks and guidelines, including NIST SP 800-53 Privacy Controls, NIST SP 800-122, and the NIST Privacy Framework, to the management and continuous improvement of federal agency privacy programs.
  • Demonstrated experience integrating privacy requirements and controls into the NIST RMF and ATO process, including the selection, implementation, assessment, and documentation of privacy controls within federal system authorization activities.
  • Strong expertise in personally identifiable information (PII) and sensitive PII (SPII) management, including data classification, data minimization, data retention, and the implementation of technical and administrative controls to protect personal information throughout its lifecycle.
  • Experience leading privacy incident investigations and breach response activities, including compliance with OMB breach notification requirements, federal reporting timelines, and coordination with oversight bodies and affected individuals.
  • Demonstrated ability to develop and deliver effective, engaging privacy awareness training programs and educational materials tailored to diverse federal agency audiences, including executives, program staff, IT personnel, and contractors.
  • Experience conducting comprehensive privacy compliance assessments and audits, identifying gaps and risks, and developing and overseeing corrective action plans and remediation strategies.
  • Strong knowledge of data governance principles and demonstrated experience developing and maintaining enterprise data inventories, data flow documentation, and PII mapping across complex federal agency environments.
  • Experience developing and negotiating data sharing agreements, CMAs, MOUs, and other inter-agency data arrangements involving PII, ensuring compliance with Privacy Act requirements and federal data sharing policies.
  • Familiarity with cloud computing privacy and security considerations, including the privacy implications of cloud service adoption, FedRAMP authorized environments, and the assessment of cloud service provider privacy practices.
  • Strong leadership, organizational, and program management skills, with the ability to direct a privacy program, manage multiple concurrent priorities, and effectively influence stakeholders across a large, complex federal agency.
  • Ability to obtain and maintain a Public Trust Clearance.

Nice To Haves

  • Master's degree or Juris Doctor (JD) in Law, Information Management, Public Administration, Cybersecurity, or a related field, with a focus on privacy law, federal regulatory compliance, or information governance.
  • 12+ years of federal privacy program management experience, with demonstrated experience supporting a federal civilian agency of comparable size, complexity, and mission profile to the SBA
  • Experience serving as or directly supporting a Senior Agency Official for Privacy (SAOP) or Chief Privacy Officer (CPO) at a federal agency.
  • Prior experience supporting SBA or other federal civilian agency privacy programs, with demonstrated knowledge of SBA's mission, organizational structure, information systems, and privacy program maturity.
  • Experience supporting federal agency responses to Freedom of Information Act (FOIA) requests and managing the intersection of FOIA and Privacy Act obligations, including exemption analysis and inter-agency coordination.
  • Knowledge of records management principles and federal records management requirements, including NARA guidance and federal records schedules, and their intersection with privacy program obligations and PII lifecycle management.
  • Familiarity with emerging federal privacy policy developments, including executive orders, OMB guidance, and legislative proposals related to artificial intelligence, data analytics, data sharing, and emerging technology privacy considerations.
  • Experience with privacy engineering concepts and the application of privacy by design methodologies to federal IT system development, procurement, and modernization activities.
  • Knowledge of international privacy frameworks, including the General Data Protection Regulation (GDPR) and other international data protection regimes, and their potential implications for SBA's international program activities and data sharing arrangements.
  • Experience supporting federal agency Inspector General (OIG) audits, GAO reviews, or congressional oversight activities related to privacy program compliance and performance.
  • Familiarity with small business program data, financial assistance data, loan program records, and other SBA mission-specific data types and their unique privacy, sensitivity, and compliance considerations
  • Experience with privacy compliance monitoring tools, data loss prevention (DLP) technologies, and information rights management (IRM) solutions within a federal environment.
  • Certified Information Privacy Professional/United States (CIPP/US) or Certified Information Privacy Professional/Europe (CIPP/E) certification.
  • Experience contributing to federal agency privacy strategic planning, privacy program maturity assessments, and the development of multi-year privacy program improvement roadmaps.

Responsibilities

  • Serve as the senior subject matter expert (SME) and program lead for all privacy activities supporting the SBA, providing authoritative technical and policy guidance to SBA leadership, program offices, IT teams, legal counsel, and contracting staff on all matters related to federal privacy law, regulation, and program management.
  • Lead the development, implementation, and continuous improvement of SBA's comprehensive privacy program, ensuring alignment with the Privacy Act of 1974, the E-Government Act of 2002, OMB Circular A-130, applicable OMB privacy memoranda, and all other federal privacy statutes, regulations, and directives applicable to SBA's mission and operations.
  • Oversee and manage the full lifecycle of SBA's privacy program documentation, including Privacy Impact Assessments (PIAs), System of Records Notices (SORNs), Privacy Threshold Analyses (PTAs), privacy policies, privacy program plans, and other required privacy artifacts, ensuring all documentation is accurate, complete, current, and compliant with federal requirements.
  • Provide senior-level expert guidance on the identification, categorization, and protection of personally identifiable information (PII) and sensitive PII (SPII) across SBA's enterprise systems, business processes, and data sharing activities, ensuring appropriate safeguards and controls are in place to protect personal information throughout its lifecycle.
  • Lead and oversee privacy impact assessments and privacy threshold analyses for new and modified SBA IT systems, programs, and business processes, evaluating privacy risks, recommending mitigation measures, and ensuring privacy considerations are integrated into system design and development from inception.
  • Collaborate with SBA's Senior Agency Official for Privacy (SAOP), legal counsel, IT leadership, system owners, and program offices to embed privacy by design principles into SBA's technology investments, procurement activities, and business process development.
  • Lead the integration of privacy requirements and controls into SBA's NIST Risk Management Framework (RMF) and Authorization to Operate (ATO) processes, ensuring privacy controls are appropriately selected, implemented, assessed, and documented in accordance with NIST SP 800-53 and the NIST Privacy Framework.
  • Develop and lead the delivery of comprehensive privacy awareness training programs, targeted privacy training, and educational briefings for SBA personnel, contractors, and leadership, ensuring all individuals with access to SBA systems and data understand their privacy responsibilities and obligations.
  • Lead privacy compliance assessments and audits across SBA's enterprise, evaluating the agency's adherence to federal privacy requirements, identifying compliance gaps and privacy risks, and developing and overseeing the implementation of corrective action plans and remediation strategies.
  • Serve as the senior lead for privacy incident management activities, directing the investigation and response to privacy incidents and PII breaches, coordinating with SBA's incident response team, legal counsel, oversight bodies, and affected individuals, and ensuring compliance with OMB breach notification requirements and federal reporting timelines.
  • Monitor and assess changes to federal privacy laws, regulations, executive orders, and OMB guidance, providing expert analysis of their impact on SBA's privacy program and leading the development and implementation of required program updates, policy revisions, and procedural changes.
  • Lead the development and maintenance of SBA's enterprise data inventory and data flow documentation, ensuring comprehensive identification and mapping of all PII and SPII across SBA's systems, business processes, and third-party data sharing arrangements.
  • Develop and maintain privacy program metrics, performance indicators, compliance dashboards, and reporting mechanisms, providing regular and ad hoc program status briefings and reports to SBA's SAOP, senior leadership, OMB, and other oversight bodies as required.
  • Serve as SBA's primary liaison with external privacy oversight bodies and federal partners, including OMB, the Department of Justice (DOJ), the Government Accountability Office (GAO), and the SBA Office of Inspector General (OIG), on privacy program matters, audits, and reporting requirements.
  • Provide expert guidance on privacy and data protection considerations related to emerging technologies, cloud adoption, artificial intelligence, data analytics, and third-party vendor relationships, ensuring privacy risks are identified and addressed proactively.
  • Lead and support the development of data sharing agreements, computer matching agreements (CMAs), memoranda of understanding (MOUs), and other inter-agency data sharing arrangements involving SBA's PII and sensitive data, ensuring compliance with Privacy Act requirements and applicable federal data sharing policies.
  • Mentor and provide professional guidance to mid-level and junior privacy staff, fostering their development as federal privacy professionals and building SBA's overall privacy program capacity and capability.

Benefits

  • health, dental and vision insurance
  • 401K with company matching
  • flexible spending accounts
  • paid holidays
  • three weeks paid time off
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service