Privacy Specialist

Recruitment #210121-UNCB-24

Introduction

A resume and cover letter must be submitted with your application.

The Office of Management and Enterprise Services (OMES) is dedicated to providing excellent service, expert guidance, and continuous improvement in support of our partners’ goals. We are a highly-qualified workforce committed to serve those who serve Oklahomans and make government run in the most efficient, innovative manner possible. Achieving this mission takes a collaborative, agile, respectful team with humble leaders who make a difference and get things done. 

For more information about OMES, please visit our website.  

OMES is seeking a full time Privacy Specialist with an emphasis on Oklahoma data privacy laws, rules and regulations, as well as how Oklahoma laws interact with federal counterparts. Knowledge of Oklahoma privacy laws is required, and knowledge of other privacy laws is expected (e.g., The Health Insurance Portability and Accountability Act “HIPAA,” The Family Educational Rights and Privacy Act “FERPA,” etc.) This is an unclassified position in state government, located in Oklahoma City. OMES offers a comprehensive Benefits Package, including a generous benefit allowance to offset the cost of insurance premiums for employees and their eligible dependentsFor more information about the benefit allowance [click here]. The annual salary for this position is up to $65,000.00 based on education and experience.

This position is a key, client-focused role responsible for providing support of our Privacy and Information Assurance programs. The Privacy Specialist should be passionate about customer service, privacy and technology as well as eager to make a difference in the cybersecurity industry. If needed, this position may be assigned to work closely with one or more specific State agencies as determined by the OMES Privacy Information & Assurance Manager. This position will work with the Privacy Information & Assurance Manager to assess privacy risks, conduct Privacy Impact Assessments, develop, maintain and govern privacy and information assurance policies and procedures, ensure all policies and standards are aligned to state business requirements, information technology strategy, privacy/legal/regulatory requirements and leading industry standard frameworks including the National Institute of Standards and Technology (NIST) Privacy Framework and other applicable frameworks as identified by the agency. This position will collaborate with multiple stakeholders and requires excellent written and verbal communication skills.

Position Responsibilities
• Assist the Privacy Information & Assurance Manager in reviewing policies for identified gaps, striving to implement privacy by design principles wherever possible and collaborate with Privacy Information & Assurance Manager and the Cybersecurity Policy/Technical Writer to draft clear internal policies specifying the types and intended uses for collected data.
• Assist the Privacy Information & Assurance Manager in conducting information asset inventories, data classification and data mapping to help stakeholders develop privacy and data security and tailored Incident Response Plans (IRPs) that comply with federal and state laws and industry best practices and provide roadmaps for satisfying regulatory compliance obligations in the event of a breach.
• Assist the Privacy Information & Assurance Manager in conducting privacy impact assessments.
• Maintain knowledge of agency-specific privacy challenges associated with the collection, storage, processing and sharing of vast amounts of sensitive personal information and in consultation with the Privacy Information & Assurance Manager and/or Legal, as appropriate, provide guidance as necessary.
• Understand privacy compliance and cybersecurity risks in complex IT service arrangements and outsourced platforms, including critical privacy and security considerations that accompany the design and implementation of new services. Effectively communicate the status, value, and importance of information obtained to the Privacy Information & Assurance Manager and other members of the OMES team.
• Assist the Privacy Information & Assurance Manager in partnering with the Data Services team to develop information assurance strategies, systems and models to drive business and policy value from available data stores.
• Keep up to date on current and emerging trends and changes in legislation within the area of Data Privacy and applicability to the State.
• May serve as initial point of contact for privacy-related complaints regarding OMES processes or systems, and/or may maintain complaint/resolution logs.
• May identify breach notification requirements and/or draft initial breach notifications in consultation with applicable stakeholders.
• May coordinate efforts with OMES training team to recommend identified training opportunities.
• May cross-train with other agency Privacy Specialists.

Physical Demands and Work Environment
• This position works in a comfortable office setting with a computer for a large percentage of the workday. The noise level in the work environment is usually mild. Occasional travel may be required.

OMES is an Equal Opportunity Employer. Reasonable accommodation to individuals with disabilities may be provided upon request.

MINIMUM QUALIFICATIONS

Minimum Qualifications
• Requirements include knowledge of local data privacy legislation and corresponding federal legislation as well as what controls are needed to secure compliance
• Three (3) years of experience in a privacy, information technology, or information assurance field OR an equivalent combination of education and experience, substituting 12 semester hours in computer science or management information systems course work for each year of the required experience.

Preference will be given to candidates who possess
• J.D. preferred
• IAPP Certification CIPP/US preferred
• Familiarity with Google offerings and Microsoft Azure preferred

NOTES

Please read instructions carefully and include all required documents when you submit your application.

No additional information will be accepted after the application has been submitted.

Conclusion

Veteran’s preference points apply only for initial appointment in the classified service.