Senior Consultant - Privacy Analyst

About the Role

As a senior consultant – privacy analyst in the Cybersecurity and Data Privacy practice area, you will collaborate with team members to support our clients in today's rapidly evolving privacy landscape. Your primary client is the New York State Department of Health.

• Review policies, regulations, or proposals against existing NYS or federal requirements
• Manage the day‑to‑day legal and policy requests assigned
• Evaluate proposed activities, including references to applicable laws or regulations
• Create project work plans for long‑term or multi‑step initiatives
• Manage data use and business associate agreements
• Facilitate meetings with stakeholders from across our client community
• Analyze business needs balanced against privacy requirements and best practices
• Collaborate as part of a team to oversee and implement privacy‑ and security‑related best practices for NYSTEC clients

• Excellent analytic capabilities and exemplary skills in developing and managing stakeholder relationships
• Exceptional privacy knowledge and experience
• General information security knowledge
• New York State and federal health policy experience
• Exceptional written and verbal communications and interpersonal skills with the ability to manage and develop key relationships with colleagues and clients through collaborative thinking and a strong customer focus
• Proficiency with the Microsoft Office Suite of applications
• Experience and demonstrated comfort level in verbal, written, and in‑person communications

• Security and privacy certifications from accredited organizations, such as the International Information System Security Certification Consortium (ISC2) or the International Association of Privacy Professionals (IAPP)
• Knowledge of the New York State Medicaid program and its systems, data, and uses
• Expertise in public health, health information, or security and privacy policies and standards, such as NIST 800‑53 and CMS Acceptable Risk Safeguards (ARS)
• Master's degree

• Bachelor's degree and five years of related experience in privacy, law, or healthcare policy
• An equivalent combination of advanced education, training, and experience will be considered

It is NYSTEC's policy to provide equal employment opportunity (EEO) to all individuals, regardless of actual or perceived race, color, creed, religion, sex, or gender (including pregnancy, childbirth, and related medical conditions), gender identity or gender expression (including transgender status), age, national origin, ancestry, citizenship status, physical or mental disability, protected medical condition as defined by applicable state or local law, genetic information, military service and veteran status, sexual orientation, marital status, or any other characteristic protected by local, state, or federal laws and ordinances.

NYSTEC is strongly committed to this policy and believes in the concept and spirit of the law.

Applicants must be authorized to work in the United States without the need for visa sponsorship now or in the future.