Privacy and Controlled Unclassified Information (CUI) Manager en Cybervance

Position Title: Privacy and Controlled Unclassified Information (CUI) Manager

Location: On Site - Washington, D.C.

Clearance Required: Public Trust

Cybervance is a rapidly growing information security and information technology company in Washington, D.C., and we are an equal opportunity employer that designs, develops, and manages the successful execution of training programs for government and private sector organizations. Cybervance believes in creating innovative solutions to deliver measured results.

Cybervance is seeking an experienced Privacy and Controlled Unclassified Information (CUI) Lead to oversee and mature enterprise privacy and CUI programs. This role requires a seasoned professional with expertise in federal privacy law, CUI policy, and records management, who can provide strategic leadership while also ensuring compliance at the operational level. ‘

The Privacy and CUI Lead will serve as a key advisor and liaison between technical, operational, and executive stakeholders, ensuring that privacy and CUI requirements are integrated into agency operations. The ideal candidate will bring proven experience leading privacy and CUI programs, proficiency in federal mandates and frameworks, and the ability to educate, coordinate, and enforce requirements across the organization.

Responsibilities:

• Lead enterprise efforts to implement and manage privacy and controlled unclassified information (CUI) programs in compliance with federal laws, executive orders, and OMB guidance.

• Oversee processes for data labeling, marking, categorizing, and destruction of CUI, as well as records digitization and lifecycle management.

• Serve as the organizational liaison and coordinator across privacy and CUI disciplines, ensuring cohesive work products and program alignment.

• Apply privacy risk management frameworks to strengthen and mature the organization’s privacy program in collaboration with the Chief Privacy Officer.

• Ensure compliance with key federal statutes and directives, including:

o Privacy Act of 1974 (as amended)

o NIST SP 800-53 Rev. 5

o E-Government Act of 2002, Section 208

o NIST SP 800-122

o Executive Orders 13556 and 13719

o Presidential and Federal Records Act Amendments of 2014

o FISMA Act of 2014

o OMB Circulars A-130, A-108, and A-123

• Develop policies, procedures, and training to ensure proper handling of privacy data and CUI across the organization.

• Provide subject matter expertise and guidance to senior management on privacy and CUI obligations.

• Collaborate with cross-functional teams to ensure privacy and CUI considerations are incorporated into new systems, projects, and initiatives.

• Lead reviews, assessments, and audits to evaluate compliance posture and recommend improvements.

• Support enterprise readiness for federal oversight, including Inspector General (IG) reviews, agency evaluations, and other compliance inspections.

Required Skills and Experience:

• Demonstrated experience in data labeling, marking, categorizing, and handling CUI, including destruction and digitization processes.

• Proven leadership experience in roles requiring coordination across privacy and CUI (or similar disciplines).

• Strong knowledge of federal privacy and CUI mandates, including the Privacy Act, Executive Orders, NIST standards, and OMB circulars.

• Experience applying privacy risk management frameworks to enhance and mature privacy programs.

• Exceptional ability to multitask and manage competing deadlines under short suspenses.

• Excellent teaching, problem-solving, and communication skills with the ability to clearly explain complex requirements.

• Proven ability to interact with a broad cross-section of personnel, including senior management, to ensure compliance with the Privacy Act, CUI policies, and Federal Records Act requirements.

• Strong interpersonal skills with the ability to influence, guide, and train staff at all levels.

• Education and Certifications: bachelor’s degree in Information Security, Law, Public Policy, Information Management, or a related field (or equivalent experience).

• Industry-recognized certifications in privacy, information governance, or compliance (e.g., CIPP/G, CIPM, IGP, or CISSP with privacy specialization) are highly desirable.