Privacy Program Consultant

The Department of Information Technology (DoIT) provides support to state agencies, the Executive Office of the Governor, the Governor’s coordinating offices, and a variety of independent agencies within the Executive Branch.

Striving to provide the highest level of customer service to its internal and external customers, DoIT supports Maryland’s agencies and commissions through its leadership and strategic direction for Information Technology and Telecommunications, establishing a long range, target technology architecture, encouraging cross agency collaboration and advocating best practices for operations and project management.

100 Community Place, Crownsville, MD  21032

Reporting to the State Chief Privacy Officer, the Privacy Program Consultant will support state agencies with the implementation of reasonable privacy practices, procedures and fair information practice principles based upon a privacy framework designed to protect personally identifiable information (PII). The Privacy Program Consultant will support an agency’s legal, reputational, operational, and financial goals associated with appropriate PII processing.

***This is a Contractual Position With Limited Benefits***

The Privacy Program Consultant will guide agencies that process personal information as defined by Protection of Information by Government Agencies (PIGA) provisions in Title 10, Subtitle 13 of the State Government Article, Annotated Code of Maryland health, financial, federal tax, education, marketing and communications, employment and personal records that contain PII to comply with State and federal laws. 

Work with the SCPO to create policies that align with applicable state and federal laws and regulations and FIPPs principles. Recommend to and coordinate with agency personnel best practices in the development and implementation of privacy policies, procedures, training, and guidelines that promote the privacy, security, integrity, confidentiality, and reliability of PII. 

1) Support agencies on the administration of privacy risk management framework(s) (currently, NIST privacy frameworks) to objectively determine an agency’s privacy program maturity and to assist in the development of strategies, plans, policies and metrics that meet the agencies’ overall privacy risk management priorities. Coordinate with Department of Information Technology and agency staff to promote effective communication and coordination as it relates to implementation of DoIT privacy policies, federal and State laws, and regulations. 

2) Coordinate with designated agencies to perform privacy impact assessments (PIAs) on a regular basis that measure the effectiveness of an agency’s privacy controls. Support agency completion of PIAs and improvement plan development, as necessary, prior to the implementation of new technologies or systems that process PII, whenever current system changes affect how PII is processed, new PII elements are processed, and other changes as may be identified. Provide reports related to agency implementation of corrective action plans resulting from PIA performance.

3) Coordinate and develop aggregated reports regarding an agency’s privacy risk, such as but not limited to, the identification and assessment of privacy risk, privacy incident and breach management, implementation of privacy enhancing technologies and mechanisms, and PII inventory management.

Education: Bachelor’s degree in computer science, data science, healthcare administration, or related field is required.

Experience: Five (5) years of leadership in privacy program and compliance, governance, risk management, and/or internal audit management.  Experience leading the implementation of new and improvements to existing privacy programs.  To include development of privacy governance and processes related to compliance with Fair Information Practice Principles.  Demonstrated expertise in NIST privacy framework, privacy by design, privacy by default, and data mapping. 

Preference Will Be Given to Those Who Also Have One or More of the Following Certifications:

Privacy Management (CIPM), Information Privacy Professional (CIPP), Healthcare Privacy Compliance (CHCP), or Certification as AI Governance Professional (AIGP). 

Please make sure that you provide sufficient information on your application to show that you meet the qualifications for this recruitment. All information concerning your qualifications must be submitted by the closing date. We will not consider information submitted after this date. Successful candidates will be ranked as Best Qualified, Better Qualified, or Qualified and placed on the eligible (employment) list for at least one year.

The assessment may consist of a rating of your education, training, and experience related to the requirements of the position. It is important that you provide complete and accurate information on your application. Please report all experience and education that is related to this position.

Benefits

Contractual employees who work for an agency and have a current employment contract of 30 or more hours a week (or on average 130 hours per month) will be eligible for subsidized health benefits coverage for themselves and their dependents.   View rates on the Department of Budget & Management website, State Employees, Health Benefits, Contractual/Variable rates.

Leave

Paid leave will accrue at a rate of one hour for every 30 hours worked. 

Online applications are highly recommended. However, if you are unable to apply online, the paper application and supplemental questionnaire may be submitted to: Department of Budget and Management, Recruitment and Examination Division, 301 W. Preston St., Baltimore, MD 21201. Paper application materials must be received in our office by the closing date for the recruitment. No postmarks will be accepted.

For questions regarding this recruitment, please contact the DBM Recruitment and Examination Division at Application.Help@maryland.gov or 410-767-4850, MD TTY Relay Service 1-800-735-2258.

We thank our Veterans for their service to our country.

People with disabilities and bilingual candidates are encouraged to apply.

As an equal opportunity employer, Maryland is committed to recruitment, retaining and promoting employees who are reflective of the State's diversity.