Senior Privacy Consultant I, Allstate, Northbrook, IL

Position Description:

  • Serve as a trusted advisor to business and technology partners by demonstrating an understanding of the partner’s business initiatives, mission, and goals, and operating in a complex and evolving risk landscape.
  • Understand business requirements and works with stakeholders to define appropriate solutions and controls while meeting business goals and objectives.
  • Perform impact and/or risk assessments to identify both real and potential privacy threats that can affect Allstate's technology and business environment.
  • Identify and recommend appropriate measures and controls to manage and mitigate risk privacy risk at a level acceptable to the senior management of the company.
  • Review complex changes in company processes, standards, and technology to ensure the effectiveness of privacy risk mitigation strategies.
  • Participate in company processes, standards and technologies to ensure the effectiveness of privacy controls to meet compliance requirements.
  • Research and analyze technology and business impact and exposure based on emerging privacy threats, vulnerabilities, and risks.
  • Support risk-based decision making through the use of portfolio models, privacy risk controls, matrixes and predictive modeling.
  • Maintain awareness of current privacy best practices, industry standards, references, data models and regulatory compliance to understand and evaluate potential areas of privacy risk to Personal Information.
  • Promote and consult on the controls and activities that help strengthen and secure the protection of Personal Information.
  • Be a liaison and subject matter expert for the organization's privacy policies, procedures, and best practices.
  • Champion the integration of privacy activities into Allstate’s day-to-day processes including work intake and project management processes.
  • Other duties as assigned.


  • Education: college degree or equivalent work experience in the field of privacy risk management: Minimum experience between 3 and 5 years.
  • Able to manage a diverse workload and multiple projects in line with multiple and varying regulatory obligations.
  • Able to influence, gain consensus, unite disparate ideas with practical work/project plans; work with cross-functional teams from all areas of an organization, including offsite, remote and offshore resources.
  • Work comfortably in the face of ambiguity while continuing to move work toward a goal. Form solid assumptions and make decisions and recommendations based on a diverse pool of information.
  • Strong written, verbal, and presentation skills. Ability to tailor communication style to audience at hand, including technical and non-technical resources.
  • Strong organizational and project management skills.
  • Able to evolve and stay current with regulations, technology, industry and privacy best practices in a dynamic environment.
  • Demonstrate ability to stay current of evolving technology such as cloud and mobile computing.
  • Adapt well to change; able to multi-task and make effective decisions in a fast-paced, deadline-driven environment.
  • Experience with and/or knowledge of privacy controls, protocols, tools, and best practices such as PCI, HIPAA, NIST, GAPP, GDPR, and Privacy by Design.
  • IAPP or other privacy industry certification preferred.

Application Submission Information:

Please apply online to From within the Careers section, apply directly to 101525; or apply directly to the link: