Privacy Compliance Auditor – SME

Job Description: • Conduct comprehensive privacy compliance audits of CMS systems, ensuring adherence to federal privacy laws and CMS privacy requirements • Evaluate Privacy Impact Assessments (PIAs), System of Records Notices (SORNs), and Data Use Agreements (DUAs) for completeness and accuracy • Support CMS in meeting audit requirements from OMB, OIG, OCR, and internal privacy oversight bodies • Provide recommendations for privacy control improvements and develop audit remediation plans • Monitor and document privacy risks, data handling processes, and potential noncompliance issues • Collaborate with Privacy Officers, ISSOs, legal counsel, and system owners to ensure ongoing compliance and audit readiness • Develop privacy audit checklists, frameworks, and compliance dashboards • Author formal audit reports, briefing documents, and stakeholder communications Requirements: • Bachelor’s degree in Privacy, Cybersecurity, Law, Public Policy, or a related field. • 7+ years of experience in privacy compliance auditing, privacy impact assessments, or data protection in a federal setting. • Strong understanding of the Privacy Act, HIPAA, OMB Circular A-130, and FISMA privacy requirements. • Experience conducting audits or assessments for CMS, HHS, or similar agencies. • Exceptional written and verbal communication skills, with experience developing formal audit deliverables. • Ability to translate complex privacy policies into actionable compliance and audit strategies. Benefits: • Health insurance • Retirement plans • Paid time off • Flexible work arrangements • Professional development Apply tot his job