Privacy and CUI Lead

The Privacy and CUI Lead will oversee the development, implementation, and enforcement of enterprise-wide privacy and controlled unclassified information (CUI) policies, processes, and compliance frameworks. This role requires deep knowledge of federal privacy laws, CUI regulations, and records management requirements. The Lead will serve as a central liaison across privacy, CUI, and records disciplines-ensuring consistent labeling, categorization, handling, and safeguarding of sensitive information. In collaboration with the Chief Privacy Officer and senior stakeholders, this position will advance the organization's compliance posture, strengthen risk management practices, and deliver measurable improvements in privacy and information security maturity.

Responsibilities:

• Program Leadership: Lead and coordinate enterprise-wide privacy and CUI initiatives, ensuring consistent labeling, categorization, marking, and authorized destruction or digitization of records.
• Compliance Oversight: Ensure compliance with governing laws, executive orders, and regulations, including the Privacy Act of 1974, NIST 800-53 Rev. 5, E-Government Act of 2002, NIST SP 800-122, EO 13556, EO 13719, and FISMA 2014.
• Risk Management: Apply privacy risk management frameworks to identify, assess, and mitigate organizational privacy risks, collaborating directly with the Chief Privacy Officer.
• Stakeholder Engagement: Act as liaison across multiple organizational units, coordinating and consolidating input into high-quality deliverables that meet privacy and CUI standards.
• Training & Awareness: Provide training, guidance, and communications to staff and leadership on privacy protections, CUI handling requirements, and records management obligations.
• Continuous Improvement: Recommend enhancements to strengthen policy, processes, and systems, with an emphasis on automation and digitization of CUI records.
• Deadline Management: Successfully manage multiple, competing priorities and short suspense deadlines in a fast-paced federal environment

Basic Qualifications

• Bachelor's degree in Cybersecurity, Information Systems, Information Assurance, Information Science, Records Management, or a related technical/policy field.
• 10 years professional experience in privacy, cybersecurity compliance, information governance, or CUI programs.
• 5 years of experience leading or coordinating cyber/privacy compliance teams in a federal setting.
• 5 years of experience implementing CUI safeguarding within IT systems, including labeling, marking, categorization, destruction, and digitization of electronic records.
• 5 years of experience applying federal privacy and cybersecurity frameworks (e.g., NIST SP 800-53 Rev. 5, FISMA, FedRAMP), performing privacy impact assessments, and integrating privacy-by-design into IT systems.
• Minimum 5 years of applied experience with:
  • Privacy Act of 1974
  • NIST SP 800-53 Rev. 5, NIST SP 800-122
  • E-Government Act of 2002, Section 208
  • EO 13556 & EO 13719
  • Federal Records Act Amendments of 2014, FISMA 2014
  • OMB Circulars A-130, A-108, and A-123

Preferred Qualifications

• Demonstrated ability to work with system owners, ISSOs, and cybersecurity architects to ensure CUI and privacy requirements are implemented in enterprise IT environments.
• CAP (Certified Authorization Professional), CISSP-ISSMP, CIPP/G, or CIPM.
• Experience within federal cybersecurity programs (e.g., DoD RMF, DHS 4300A, FedRAMP).
• Experience working with electronic records management systems (ERM/ECM) and NARA requirements.
• Demonstrated results integrating privacy and CUI requirements into cyber audits, achieving reduced POA&M counts, or driving compliance closure rates.

Evolver Federal is an equal opportunity employer and welcomes all job seekers. It is the policy of Evolver Federal not to discriminate based on race, color, ancestry, religion, gender, age, national origin, gender identity or expression, sexual orientation, genetic factors, pregnancy, physical or mental disability, military/veteran status, or any other factor protected by law.

Actual salary will depend on factors such as skills, qualifications, experience, market and work location. Evolver Federal offers competitive benefits, including health, dental and vision insurance, 401(k), flexible spending account, and paid leave (including PTO and parental leave) in accordance with our applicable plans and policies.