Privacy Subject Matter Expert (SME) at Gunnison Consulting Group

Baltimore, Maryland, United States -

Full Time

Start Date

Immediate

Expiry Date

30 Apr, 26

Salary

140000.0

Posted On

30 Jan, 26

Experience

5 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

Skills

Federal Privacy Compliance, Policy Development, Privacy Risk Management, Privacy Impact Assessments, Threshold Analyses, Privacy Act, HIPAA, FISMA, E-Government Act, HHS/CMS Privacy Requirements, Audits, Incident Response, Stakeholder Communication, Documentation, Privacy Training, Privacy Agreement Management

Industry

Information Technology & Services

Description

Description * This position is contingent upon a future opening with Gunnison. Salary: $130,000-$140,000 Work location: Primarily remote, with possibility of on-site meetings at client offices in the DMV area including Baltimore. The Privacy Subject Matter Expert (SME) supports CMS’s Information Security & Privacy Group (ISPG) by providing expert guidance on federal privacy compliance, policy development, and privacy risk management. The SME leads the creation and maintenance of privacy policies, supports Privacy Impact Assessments (PIAs) and Threshold Analyses (PTAs), and ensures adherence to the Privacy Act, HIPAA, FISMA, the E-Government Act, and HHS/CMS privacy requirements. They assist with audits, investigations, and incident response involving PII, while maintaining high-quality, compliant documentation and collaborating with internal and external stakeholders. The SME also supports privacy agreement lifecycle management and contributes to agency-wide privacy training and awareness initiatives. Responsibilities: Develop, review, and maintain federal privacy policies and documentation. Conduct and update PTAs and PIAs; ensure timely compliance cycles. Advise on privacy risks, federal requirements, and CMS governance processes. Support privacy incident response and reporting activities. Manage privacy agreements, tracking, renewals, and compliance workflows. Provide SME support for audits (GAO, OIG, FISMA, HVA) and OCR inquiries. Ensure Section 508-compliant documentation. Contribute to privacy-focused training, outreach, and guidance. Requirements 5+ years of experience in federal privacy and risk management. Strong knowledge of HIPAA, Privacy Act, FISMA, OMB A-130, and HHS/CMS policies. Experience with PIAs/PTAs and privacy incident handling. Excellent writing, analysis, and stakeholder communication skills. Preferred: CIPP/G, CIPM, CISSP, or related certifications. US citizenship required. Clearance Requirement: Ability to obtain and maintain a Public Trust. The salary range for this position depends upon multiple factors including location, the individual's knowledge, skills, competencies, and experience, and contract-specific budget constraints and organizational requirements. Gunnison Consulting Group's total compensation package also includes bonus and profit-sharing opportunities, depending on company and employee performance. Available employee benefits include: 3 weeks of Personal Leave your first year 11 paid Holidays each year 5 days of Flexible Time Off each year 401(k) company match at 50% up to 10% of your salary Medical, Dental and Vision Insurance Life and Disability Insurance Public Transportation Subsidies Certifications and Training Allowance - $2,500/year! Why Join Gunnison? Gunnison takes on ambitious projects. We target fun, challenging work that requires creative thinking and innovation. Quality is our top priority. Gunnison employee benefits meet or exceed what other companies in the Washington, D.C. metropolitan area offer. There is a great sense of camaraderie at Gunnison. This is an atmosphere we will maintain as we continue to grow. We are growing rapidly and the opportunity for individual professional growth with Gunnison is outstanding. We hire for careers at Gunnison, not to fill a position. Equal Opportunity/Affirmative Action Employer. Must be eligible for employment in the United States. We are unable to sponsor candidates at this time. In 1994 Gunnison began serving the greater Washington, D.C. metro area, focused on tackling our customers' most ambitious technology projects. By creating a culture dedicated to enabling our customers and employees to achieve more than they ever thought they could, the company has thrived for over 25 years.

Responsibilities

The Privacy Subject Matter Expert (SME) develops and maintains federal privacy policies, conducts Privacy Impact Assessments, and supports privacy incident response activities. They also manage privacy agreements and contribute to agency-wide privacy training initiatives.