GDPR CCPA NIST Analyst
GDPR CCPA NIST Analyst
(Jobs in Madison, WI)
Requirement id 157481
Job title Analyst
Job location in Madison, WI
Skills required Process Development, GDPR, CCPA, NIST
Open Date 12-Mar-2026
Close Date
Job type Contract
Duration 3 Months
Compensation DOE
Status requirement ---
Job interview type ---
Email Recruiter:coolsoft
Job Description Analyst: Process Development, GDPR, CCPA, NIST
Start date :4/13/2026
End Date :06/30/2026
Submission deadline :3/19/26 4:00 PM CST
Client Info : DOA
Note:
• Interview Process: virtual via Teams. Please make sure candidates are able to interview ASAP and have open availability to avoid reschedule requests or delays.
• Onsite or Remote? Must be CURRENT WI residents. No relocation allowed. Primarily remote with 1 day PER MONTH onsite at Madison office.
• Duration of the Contract: until 6/30/26 with extension likely. Initial contract term is 6-9 months.
Description:
Seeking an experienced contractor to design, develop, and help stand up a comprehensive privacy program at the Wisconsin Department of Administration. The contractor will be responsible for developing, documenting, and, as feasible, implementing or operationalizing, privacy program policies and plans to enhance privacy governance, compliance, and risk management practices for the agency, that can later inform enterprise recommendations for all executive branch agencies.
Scope of Work: Along with legal counsel and others, the contractor will perform the following tasks:
1. Policy & Governance Framework Development:
o Establish privacy procedures tailored to the agencys operations.
o Establish a privacy governance structure, including roles and responsibilities.
o Define key performance indicators (KPIs) for privacy program success.
2. Regulatory Compliance & Risk Management:
o Create processes to ensure compliance with federal, state, and local privacy laws and regulations.
o Create processes for Privacy Threshold Assessments (PTAs) and Privacy Impact Assessments (PIAs).
o Identify systems that process personally identifiable information (PII) and other regulated data, and identify key stakeholders associated with those systems per NIST Risk Management Frameworks (e.g., system owner, authorizing official, etc.).
3. Training & Awareness:
o Create privacy communication materials, best practice guidelines, and training.
o Develop/recommend best practices to foster a culture of privacy compliance within the agency.
4. Incident Response & Data Breach Management:
o Along with Chief Information Security Officer (CISO) and legal counsel, develop privacy mandates within existing incident response plans.
o Along with CISO and legal counsel, establish procedures for reporting and remediating privacy incidents.
5. Vendor & Third-Party Risk Management:
o Along with legal counsel, conduct privacy assessments of key vendors and partners.
o Along with legal counsel, recommend strategies to standardize contracting and data sharing agreements (DSAs) and/or templatize appropriate data protection and privacy clauses within contracts.
6. Privacy Technology & Automation:
o Assess and recommend privacy-enhancing technologies (PETs) and automation tools.
o Support integration of data/privacy tools and controls into agency IT systems, including the governance, risk, and compliance (GRC) platform.
o Collaborate with IT and security teams to embed privacy by design principles into all aspects of the system development lifecycle (SDLC).
Required Qualifications & Competencies (8-10 Years of Relevant Experience Required):
- Excellent communication skills and the ability to engage with stakeholders at all levels, translating complex technical and legal ideas to business stakeholders and decision-makers.
- Demonstrated experience in privacy program process development and implementation.
- Strong knowledge of NIST Risk Management Frameworks (e.g., NIST RMF, NIST PF, NIST CSF).
Well Qualified Applicant Qualifications & Competencies:
- Knowledge of privacy laws and regulations (e.g., GDPR, CCPA, HIPAA).
- Experience conducting privacy impact assessments and developing privacy pr
Call502-379-4456 Ext 100for more details. Please provide Requirement id: 157481 while calling.
EOE Protected Veterans/Disability
Apply tot his job
Apply To this Job
(Jobs in Madison, WI)
Requirement id 157481
Job title Analyst
Job location in Madison, WI
Skills required Process Development, GDPR, CCPA, NIST
Open Date 12-Mar-2026
Close Date
Job type Contract
Duration 3 Months
Compensation DOE
Status requirement ---
Job interview type ---
Email Recruiter:coolsoft
Job Description Analyst: Process Development, GDPR, CCPA, NIST
Start date :4/13/2026
End Date :06/30/2026
Submission deadline :3/19/26 4:00 PM CST
Client Info : DOA
Note:
• Interview Process: virtual via Teams. Please make sure candidates are able to interview ASAP and have open availability to avoid reschedule requests or delays.
• Onsite or Remote? Must be CURRENT WI residents. No relocation allowed. Primarily remote with 1 day PER MONTH onsite at Madison office.
• Duration of the Contract: until 6/30/26 with extension likely. Initial contract term is 6-9 months.
Description:
Seeking an experienced contractor to design, develop, and help stand up a comprehensive privacy program at the Wisconsin Department of Administration. The contractor will be responsible for developing, documenting, and, as feasible, implementing or operationalizing, privacy program policies and plans to enhance privacy governance, compliance, and risk management practices for the agency, that can later inform enterprise recommendations for all executive branch agencies.
Scope of Work: Along with legal counsel and others, the contractor will perform the following tasks:
1. Policy & Governance Framework Development:
o Establish privacy procedures tailored to the agencys operations.
o Establish a privacy governance structure, including roles and responsibilities.
o Define key performance indicators (KPIs) for privacy program success.
2. Regulatory Compliance & Risk Management:
o Create processes to ensure compliance with federal, state, and local privacy laws and regulations.
o Create processes for Privacy Threshold Assessments (PTAs) and Privacy Impact Assessments (PIAs).
o Identify systems that process personally identifiable information (PII) and other regulated data, and identify key stakeholders associated with those systems per NIST Risk Management Frameworks (e.g., system owner, authorizing official, etc.).
3. Training & Awareness:
o Create privacy communication materials, best practice guidelines, and training.
o Develop/recommend best practices to foster a culture of privacy compliance within the agency.
4. Incident Response & Data Breach Management:
o Along with Chief Information Security Officer (CISO) and legal counsel, develop privacy mandates within existing incident response plans.
o Along with CISO and legal counsel, establish procedures for reporting and remediating privacy incidents.
5. Vendor & Third-Party Risk Management:
o Along with legal counsel, conduct privacy assessments of key vendors and partners.
o Along with legal counsel, recommend strategies to standardize contracting and data sharing agreements (DSAs) and/or templatize appropriate data protection and privacy clauses within contracts.
6. Privacy Technology & Automation:
o Assess and recommend privacy-enhancing technologies (PETs) and automation tools.
o Support integration of data/privacy tools and controls into agency IT systems, including the governance, risk, and compliance (GRC) platform.
o Collaborate with IT and security teams to embed privacy by design principles into all aspects of the system development lifecycle (SDLC).
Required Qualifications & Competencies (8-10 Years of Relevant Experience Required):
- Excellent communication skills and the ability to engage with stakeholders at all levels, translating complex technical and legal ideas to business stakeholders and decision-makers.
- Demonstrated experience in privacy program process development and implementation.
- Strong knowledge of NIST Risk Management Frameworks (e.g., NIST RMF, NIST PF, NIST CSF).
Well Qualified Applicant Qualifications & Competencies:
- Knowledge of privacy laws and regulations (e.g., GDPR, CCPA, HIPAA).
- Experience conducting privacy impact assessments and developing privacy pr
Call502-379-4456 Ext 100for more details. Please provide Requirement id: 157481 while calling.
EOE Protected Veterans/Disability
Apply tot his job
Apply To this Job