Strategy - Planning
ERPi is a small business, dedicated to values of trust and integrity. Our mission is to deliver professional services as a trusted agent and expert enterprise program management services for Federal clients. At ERPi, we look for individuals who want to be a part of team and work collaboratively to offer creative solutions. Here you have the ability to experience a wide range of projects where you can gain experience and skill sets and share your ideas in an environment where employees are encouraged to grow, given more autonomy and empowered to enact change. ERPi has been awarded a contract with the U.S. Securities and Exchange Commission (SEC) to provide the SEC Office of the Chief Information Officer (CIO) support in the development and implementation of Assessment and Documentation services for information privacy assurance.We are looking for an Privacy Assessment Lead (Information Systems (IS)) Auditor to support our team in creation of Privacy Controls Assessments (PCA) and Privacy Assessment Reports (PAR) for new and modified systems and projects against the SEC’s identified set of privacy controls. The PCA should minimally include: System-Specific and Hybrid Privacy Control Testing; adherence to the SEC’s security and privacy program, policies and guidance; documentation review; personnel interviews; and observations. This work includes an assessment of risk levels, privacy information management, and remediation options to remove privacy risks. Lead engagements with SEC system and business owners;
Plan, conduct, and oversee assessments of privacy controls;
Develop privacy control assessment plans;
Develop Privacy Assessment Reports (PAR) for said systems;
Maintain documentation for each assessed system.
A Bachelor's and 10+ years of relevant experience, or a Master's and 8+ years of relevant experience, primarily within control assessment and reporting in the Federal environment
CISSP or CISA
Assessment management experience with information systems, and security and privacy controls
Strong oral and written communication skills (briefings, presentations, and training sessions)
Desired Skills and Experience:
Certification(s) in Privacy (such as CIPP/US or CIPP/G);
Experience supporting customers in SEC is a plus;
Experience leading assessment teams;
Knowledgeable of the NIST Risk Management Framework (RMF);
Our mission drives us to exceptional performance. At ERPi, we leverage a strong understanding of strategy and bring value to our clients and each other every day. We find opportunities to deliver long lasting results that impact communities all over the country. We focus on collaboration and partnerships to continually identify new methods to tackle our clients’ most complex problems.
At ERPi, you can create your own path and immerse yourself in new challenges. The work we do is just as important as our people who make it happen. Our people are the heart of our business and we are committed to providing an inclusive environment where they enjoy working together. We have committed to drive positive change and know that a diverse workforce provides a source for innovation and inspiration.