STATE CLASSIFICATION JOB DESCRIPTION


Salary Group B25

Class No. 1899

PRIVACY ANALYST III

GENERAL DESCRIPTION

Performs highly advanced (senior-level) privacy analysis work.  Work involves overseeing the review and monitoring of controls over confidential and sensitive data to prevent unauthorized disclosure.  May assign and/or supervise the work of others.  Works under minimal supervision, with extensive latitude for the use of initiative and independent judgment. 

EXAMPLES OF WORK PERFORMED

Oversees and/or reviews and evaluates the life cycle of confidential and sensitive data, including the collection, storage, use, transfer, retention, and destruction of information.

Oversees agencywide programs related to privacy including facilitation and assessment activities.

Oversees and/or reviews privacy and security controls and makes compliance recommendations.

Prepares responses to confidentiality and data-sharing inquiries from internal and external customers.

Researches current privacy industry standards.

Gathers, organizes, and quantifies privacy and security survey and questionnaire responses.

Performs privacy awareness activities such as training, developing, and maintaining privacy-related communications; coordinating the marketing of privacy programs; and leading work groups and task forces.

Develops and implements privacy controls, policies, standards, guidelines, and operating procedures.

Monitors, analyzes, and reviews privacy-related legislation.

Evaluates third-party contracts, and makes recommendations regarding privacy practices and controls, as appropriate.

Consults with other program areas for assessment of threats to information privacy.

Assists in the development and maintenance of a comprehensive data breach/privacy incident plan.

May assign and/or supervise the work of others.

Performs related work as assigned.

GENERAL QUALIFICATION GUIDELINES

Experience and Education

Experience in privacy analysis, information security, or process management work.  Graduation from an accredited four-year college or university with major coursework in business administration, government, management information systems, public administration, or a related field is generally preferred.  Experience and education may be substituted for one another.

Knowledge, Skills, and Abilities

Knowledge of privacy and information security standards, of process development, and of project management theories and practices.

Skill in conducting research, in diagramming business process flows, and in the use of a computer and applicable software.

Ability to identify and resolve problems, to maintain confidentiality and protect privacy, to develop and implement policies and procedures, to communicate effectively, and to assign and/or supervise the work of others.


State Auditor’s Office

Added 9-1-15