Privacy Program Manager

Chenega Corporation•Huntsville, AL

About The Position

Privacy Program Manager Huntsville, Alabama Are you ready to enhance your skills and build your career in a rapidly evolving business climate? Are you looking for a career where professional development is embedded in your employer’s core culture? If so, Chenega Military, Intelligence & Operations Support (MIOS) could be the place for you! Join our team of professionals who support large-scale government operations by leveraging cutting-edge technology and take your career to the next level! Chronos Operations (CO) is a wholly-owned subsidiary of Chenega Corporation, an Alaska Native Corporation based in Anchorage, AK. Belonging to the Military, Intelligence, and Operations Support (MIOS) Strategic Business Unit (SBU), Chronos has a culture rooted in integrity, respect, and exceptional performance. Chronos is headquartered in Colorado Springs, CO, and provides mission-critical services in Advanced Analytics & AI, Software Engineering, Cybersecurity, Information Technology, and Intelligence. Chronos Operations, LLC is seeking a Privacy Program Manager with a strong background in cybersecurity and privacy compliance for the Army Materiel Command (AMC), Chief Information Office (CIO). This role is responsible for developing, implementing, and managing privacy programs that ensure compliance with federal laws, DoD policies, and cybersecurity regulations.

Requirements

Associate's Degree or Bachelor's Degree in Computer Science, Engineering, Cyber Security, or equivalent experience in lieu of a degree.
5+ years of experience developing and implementing Privacy within RMF systems in accordance with DoD and Federal regulations.
3+ years of experience in privacy, compliance, or risk management roles is common.
Must have experience with developing and implementing privacy policies and procedures.
Must have an active Secret Clearance with the ability to obtain TS with SCI eligibility.
Knowledge of RMF/DevSecOps/Zero Trust integration points.
Ability to develop and maintain data maps.
Extensive knowledge of NIST SP 800-53, eMASS, and POA&Ms.
Effective communication skills for information between various functional disciplines, as well as strong briefing skills with senior customer and corporate leadership.
Proven leadership skills, including working in a team environment, fostering communication, listening to teammates' concerns, and reconciling internal issues or differences.
Proven ability to solicit and process complex information and data to solve complex problems and make sound decisions.
Analytical and strong organizational skills, with excellent verbal and written ability.
Good work ethic and active desire to learn.
Skillful time management and organizational skills to set and meet deadlines.
Ability to work both independently and within a team.
Ability to work effectively in a team environment to encourage collaboration, innovation, and continuous improvement.
Ability to supervise and manage others.
Ability to meet minimum clearance requirements.
Ability to work nights, weekends, and holidays as required.
Ability to travel up to 10%

Nice To Haves

Certification in Privacy (e.g., CIPP, CIPM) is highly desirable and preferred.
Experience with federal systems accreditation (A&A) and FISMA compliance reporting.

Responsibilities

Develop and implement Privacy Programs in accordance with DoD and Federal regulations.
Conduct privacy risk assessments and ensure compliance with privacy regulations.
Author and develop a Privacy Program Plan to streamline privacy risk assessments around system vulnerabilities, threat assessments, and operational mission impacts.
Interactions involving clients and interfacing with senior management and the government.
Develop and oversee implementation of the organization's privacy policies and procedures in alignment with DoD and federal privacy guidelines.
Develop authoritative system inventories, implementing standardized Privacy Threshold Analysis (PTA) and Privacy Impact Assessment (PIA) processes, and linking privacy assessments to vulnerability and threat intelligence.
Act as the subject matter expert (SME) on PII, PHI, and sensitive data protection, ensuring appropriate controls are integrated within IT systems.
Coordinate with Cybersecurity, Information Assurance (IA), Legal, and Risk Management teams to ensure privacy is embedded in security operations.
Manage Data Loss Prevention (DLP) strategies in conjunction with cybersecurity tools to prevent unauthorized access or disclosure.
Lead privacy incident response efforts and investigations involving breaches of PII.
Train and educate employees on privacy best practices and federal/DoD privacy regulations.
Participate in audits and prepare documentation and reports to demonstrate privacy compliance.
Provide regular updates to senior leadership regarding privacy risks, gaps, and improvement strategies.
Develop, implement, and maintain security policies, procedures, and documentation to ensure compliance with DoD security standards and regulations (e.g., NIST, RMF, FISMA).
Achieve and maintain compliance with cybersecurity regulations, and optimize the current process to streamline the approval process.
Maintain and track security documentation, including system security plans (SSPs), risk assessments, and Plan of Actions & Milestones (POA&Ms).
Supports the Information System Security Manager (ISSM) in ensuring system information is accurately entered into the Enterprise Mission Assurance Support Service (eMASS).
Conducts detailed cybersecurity and privacy risk assessments of systems, including facility-related control systems and OT systems.
Assists the RMF team with reviewing and maintaining RMF packages and system ATO artifacts.
Stay current with emerging cybersecurity threats, vulnerabilities, and trends to ensure the program adapts to evolving security challenges.
Supervisory duties as assigned.
Other duties as assigned.