Location: Amarillo, TX
Job Title: Risk/Privacy Officer
Career Level From: Specialist
Career Level To: Senior Specialist
Organization: IT Business Operations (51355096)
Job Specialty: Service Transition
What You'll Do
Information Solutions & Services - The Information Solutions and Services (IS&S) organization at Consolidated Nuclear Security (CNS) is dedicated to providing information services and technology that enable staff to be productively engaged in the NNSA nuclear security mission. This position supports the Director of Business Operations with the responsibility for coordinating IS&S Risk and Privacy programs at the Pantex Plant in Amarillo, TX.
This position will be responsible for integrating effective risk management across the IS&S and cybersecurity programs. The position is also responsible for ensuring that the company is in compliance with all applicable privacy policies and procedures.
Major responsibilities include:
• Risk Officer
o Act as the primary interface with the CNS Enterprise Risk Management Program (ERM)
o Work with IS&S leadership to identify, define and record risks in the IS&S risk register
o Manage the definition of risk impact scores and mitigation plans to continually reduce risk
o Work with ERM to identify risks and opportunities on other organizations’ risk registers that contain an IT or Cyber component
o Identify and analyze risks across all IT projects and initiatives
o Track all risk mitigation activities in accordance with IS&S demand management and project management processes
• Privacy Officer
o Develop and manage the overall company privacy program to ensure compliance with Federal requirements
o Act as Site Privacy Representative (PR) in accordance with NNSA SD 206.1A
o Ensure privacy impact assessments (PIAs) are complete for federal information systems that process, contain, or store federal information under company management
o Establish policies, procedures and monitoring to confirm Personally Identifiable Information (PII), in any format, is protected, secured, and disposed of when no longer required.
o Develop and implement a comprehensive training program for all employees regarding privacy and protection of PII.
o Ensure all internal and external data exchanges adhere to the company’s policies and procedures.
o Report all privacy breaches within required time limits and manage the investigation and response activities.
What You Can Expect
- Meaningful work and unique opportunities to support missions vital to national and global security
- Top-notch, dedicated colleagues
- Generous pay and benefits with a stable organization
- Career advancement and professional development programs
- Work-life balance fostered through flexible work options and wellness initiatives
Minimum Job Requirements
- Bachelor's Degree in engineering/science discipline. Minimum of 4 years of relevant experience.
- Master's Degree coupled with 2 years of relevant experience.
Preferred Job Requirements
- Progressive management responsibilities.
- 5+ years managing cross-functional, complex teams, delivering major IT projects and supporting a large customer base
- 5+ years’ experience managing risk and/or privacy compliance programs
- Ability to work autonomously, strong decision making, time management, communication, and customer service skills
- Strong operational background with demonstrated ability to support mission critical operations, improve system availability, and manage within a highly regulated compliance environment
- Strong written and oral communication skills
- Job may require on call support in the event of an operational or cyber security incident.
- Ability to travel (6+ weeks per year) to off-site locations to support DOE/NNSA mission requirements.
- Certified Information Privacy Professional (CIPP/US) accreditation
- Advanced Degree in information technology, engineering, or related field
- CISSP, ITIL, and/or PMP certifications desired but not required
- Familiarity with DOE/NNSA Cyber Security program and requirements
- Past management experience within DOE/NNSA or other national security federal programs such as DoD or the Intelligence community
- Familiarity with business process re-engineering to include Six Sigma and/or Lean techniques
- Specific knowledge of Federal cyber security and risk management requirements with an emphasis on NIST Special Publications (i.e., 800-53)
Why Pantex and Y-12?
You get #morethanajob. We encourage employees to achieve a healthy personal balance among home, work and the community. One of the ways we embrace work-life balance is by offering flexible work arrangements that provide alternatives to the traditional workweek, while still meeting business needs. Top talent and personal commitment mean more to our success than any other factors, so we reward our people with the kinds of benefits that make a positive difference in the quality of their lives. Benefits such as: medical plan, prescription drug plan, vision plan, dental plan, employer matched 401(k) savings plan, disability coverage, education reimbursement and many more. Want to stay healthy and fit but hate the cost of a gym membership? Take advantage of one of our onsite workout facilities and eat healthy in our onsite cafeterias. Much more than a workplace, at Pantex and Y-12, you can build a career that lasts a lifetime.