×
Register Here to Apply for Jobs or Post Jobs. X

Business Analyst​/Consultant III

Job in Madison, Dane County, Wisconsin, 53703, USA
Listing for: Samprasoft
Full Time position
Listed on 2026-07-01
Job specializations:
  • IT/Tech
    Data Security, Information Security, Cybersecurity, Data Analyst
Job Description & How to Apply Below

Data & Privacy Program Implementation Contractor

Candidates must be WI residents or willing to relocate to WI at their own expense prior to starting. This position can work 100% remotely (within the state of WI).

Overview:

Seeking an experienced contractor to support the efforts to begin implementation/operationalization of a comprehensive data & privacy program at the Wisconsin Department of Administration (DOA). The contractor will be responsible for helping DOA staff navigate and implement data & privacy frameworks, assessments, governance, policy development, inventory, gap analysis, and other duties as assigned to support this program. In addition, along with the DOA’s Division of Enterprise Technology’s (DET) Chief Technology Officer (CTO) and DOA Division of Legal Service’s (DLS) Lead Privacy Counsel, the contractor will work with key stakeholders to develop a strategic data and privacy program.

This role presents an exciting opportunity for an experienced professional that will support efforts to establish a best-in-class data & privacy program for state government ensuring compliance and the protection of data. Interested contractors should highlight experience that can support the functions of this role.

Key Deliverables of the

Contract:

  • Data and privacy maturity assessment report with gap analysis.
  • Comprehensive data and privacy program strategy and implementation roadmap.
  • Incident response and breach management plan.
  • Third-party privacy risk management (TPRM) framework.
  • Final project report with recommendations for prioritizing privacy efforts, acquiring privacy-enhancing technology (PET) tools, and determining long-term sustainability of agency data privacy initiatives.
  • Scope of Work:

  • Data and Privacy Program Assessment & Strategy Development:
    • Conduct a data and privacy maturity assessment to evaluate current policies, practices, and regulatory/legal compliance.
    • Develop a strategic roadmap for implementing a data and privacy framework aligned with industry standards, regulatory, and legal requirements.
    • Identify key data and privacy risks and recommend mitigation strategies.
    • Provide actionable steps for mapping and inventory management of data assets.
    • Identify and prioritize clear, concise, and enforceable data & privacy policies, standards, and practices to facilitate and drive agency change management.
  • Data and Policy Governance Framework Development:
    • Draft and implement data and privacy policies, standards, and procedures (PSPs) including privacy notices tailored to the agency's operations.
    • Establish a data and privacy governance structure, including roles and responsibilities. Roles considered should include how to drive culture so that all understand their obligations besides the normal operational aspects.
    • Define key performance indicators (KPIs) for data and privacy program success.
    • Outline monitoring plan for compliance and performance to determine cadence and governance practices that ensure adherence to policies and regulations. This plan should include how adjustments are also included into the workflow and cadence to address gaps or emerging risks.
  • Regulatory Compliance & Risk Management:
    • Along with legal counsel, create processes to ensure compliance with federal and state privacy laws and regulations.
    • Along with DOA’s Data manager & legal counsel, develop and implement data privacy risk assessments and risk management frameworks.
    • Along with DOA’s Data Manager, establish a data inventory and mapping process and execute data inventories, data flows, data modeling, data access, data lifecycle and system assessments.
    • Along with legal counsel, create streamlined processes for Privacy Threshold Analyses (PTAs), Privacy Impact Assessments (PIAs), and AI Risk Assessments (AIRAs) and/or embed into existing systems, applications, and risk management/risk assessment processes (e.g., security, cloud brokerage).
  • Vendor & Third-Party Risk Management (TPRM):
    • Along with State Bureau of Procurement (SBOP), DET, and legal counsel, develop a third-party privacy risk assessment framework for statewide procurement and contracting.
    • Along with DET and legal counsel, conduct data and privacy assessments of key…
  • To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
    (If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
     
     
     
    Search for further Jobs Here:
    (Try combinations for better Results! Or enter less keywords for broader Results)
    Location
    Increase/decrease your Search Radius (miles)
    0
    200
    Filters
    Education Level
    Experience Level (years)
    Posted in last:
    Salary