(488) Privacy Subject Matter Expert and Analyst

Company Summary

Arlo Solutions (Arlo) is an information technology consulting services company that specializes in delivering technology solutions. Our reputation reflects the high quality of the talented Arlo Solutions team and the consultants working in partnership with our customers. Our mission is to understand and meet the needs of both our customers and consultants by delivering quality, value-added solutions. Our solutions are designed and managed to not only reduce costs, but to improve business processes, accelerate response time, improve services to end-users, and give our customers a competitive edge, now and into the future. 

Position Description

The Privacy Subject Matter Expert (SME) will support the Chief Information Officer (CIO) within the Chief Digital and Artificial Intelligence Office (CDAO) under the Secretary of Defense. This independent role will focus on integrating privacy frameworks into the Assess and Authorize (A&A) processes, ensuring compliance with privacy, civil liberties, and security standards. The SME will define and operationalize Privacy Impact Assessments (PIAs) tailored to CDAO’s mission, establishing their role within the broader cybersecurity and Operation Vulcan Logic (OVL) framework.

They will work to align privacy policies with federal and DoD-specific requirements, providing expert guidance on the implementation of privacy controls to safeguard sensitive data. This individual will collaborate across DoD entities to address privacy challenges associated with AI initiatives, ensuring data governance frameworks are resilient and compliant.

The role requires in-depth expertise in privacy law, risk management, and DoD security apparatuses. Work Location Primarily remote. Will be required to come into the office for specific meetings as requested. Candidates in the Washington DC Metropolitan preferred. Travel requirements outside of the DMV less than 10%.

Location: Pentagon, Arlington, VA

Clearance: Secret

Job Responsibilities:

• Develop and implement a robust Privacy Impact Assessment (PIA) framework tailored to the CDAO’s mission, integrating it into A&A processes and the broader cybersecurity structure.
• Define privacy policies and procedures aligned with DoD requirements, ensuring compliance with federal privacy laws, such as the Privacy Act of 1974.
• Collaborate with stakeholders to address privacy risks in AI and digital initiatives, ensuring alignment with civil liberties and ethical considerations.
• Provide expert guidance on privacy controls (e.g., NIST SP 800-53) and their integration into the Risk Management Framework (RMF).
• Establish governance structures for the handling of sensitive data, promoting transparency and accountability.
• Conduct privacy risk assessments and recommend mitigation strategies to enhance data protection.
• Advise leadership on privacy implications of emerging technologies and recommend actionable strategies.
• Collaborate with OVL teams to align privacy requirements with cybersecurity objectives.
• Lead efforts to enhance privacy training and awareness within CDAO.
• Monitor and analyze changes in privacy regulations, ensuring organizational practices remain compliant. Success Factors
• Demonstrates deep expertise in privacy laws, DoD security policies, and civil liberties.
• Develops and operationalizes a PIA process that becomes a cornerstone of the CDAO’s cybersecurity structure.
• Builds effective relationships across DoD components to foster collaboration and compliance.
• Successfully identifies and mitigates privacy risks in AI-driven programs and other digital initiatives.
• Enhances data governance frameworks to ensure the secure handling of sensitive information.
• Provides actionable insights on privacy and data protection during A&A processes.
• Drives a culture of privacy awareness and compliance within CDAO through training and outreach.
• Maintains up-to-date knowledge of privacy regulations and proactively adjusts policies as needed.
• Aligns privacy initiatives with OVL’s operational objectives and cybersecurity requirements.
• Earns trust as a reliable, independent advisor to CIO leadership, delivering measurable results.

Minimum Qualifications

• Must have a current and active Secret or higher security clearance.
• Master’s degree in a related field from an accredited university/college. • Bachelor’s degree in Computer Science, Cybersecurity, Information Technology, or related field.
• Minimum 5 years of combined Joint, Interagency, OSD, or Service Headquarters experience performing work related to task area.
• Minimum 5 years of experience using communication skills, both written and oral, to include preparation of written products for senior leader (general officer/flag officer/senior executive service level).
• Ability to communicate complex cybersecurity concepts to both technical and non-technical stakeholders, including senior leadership.
• Must be comfortable in outward-facing roles, including presenting to senior leadership and participating in external vendor discussions.

Desired Qualifications:

• At least 5 years of experience in privacy / cyber operations.
• Expertise in privacy frameworks, security apparatuses, and civil liberties.
• Strong knowledge of DoD A&A processes, privacy controls (e.g., NIST SP 800-53), and data protection strategies.
• Experience in policy development and the strategic implementation of cybersecurity operations, particularly within government or defense organizations.
• Proficiency in cybersecurity frameworks such as NIST, MITRE ATT&CK, and ISO 27001 and DoD Instructions such as 5400.16

AAP Statement

We are proud to be an Affirmative Action and Equal Opportunity Employer and as such, we evaluate qualified candidates in full consideration without regard to race, color, religion, sex, sexual orientation, gender identity, marital status, national origin, age, disability status, protected veteran status, and any other protected status.