- Serve as a trusted advisor to business and technology partners by demonstrating an understanding of the partner’s business initiatives, mission, and goals, and operating in a complex and evolving risk landscape.
- Understand business requirements and works with stakeholders to define appropriate solutions and controls while meeting business goals and objectives.
- Perform impact and/or risk assessments to identify both real and potential privacy threats that can affect Allstate's technology and business environment.
- Identify and recommend appropriate measures and controls to manage and mitigate risk privacy risk at a level acceptable to the senior management of the company.
- Review complex changes in company processes, standards, and technology to ensure the effectiveness of privacy risk mitigation strategies.
- Participate in company processes, standards and technologies to ensure the effectiveness of privacy controls to meet compliance requirements.
- Research and analyze technology and business impact and exposure based on emerging privacy threats, vulnerabilities, and risks.
- Support risk-based decision making through the use of portfolio models, privacy risk controls, matrixes and predictive modeling.
- Maintain awareness of current privacy best practices, industry standards, references, data models and regulatory compliance to understand and evaluate potential areas of privacy risk to Personal Information.
- Promote and consult on the controls and activities that help strengthen and secure the protection of Personal Information.
- Be a liaison and subject matter expert for the organization's privacy policies, procedures, and best practices.
- Champion the integration of privacy activities into Allstate’s day-to-day processes including work intake and project management processes.
- Other duties as assigned.
- Education: college degree or equivalent work experience in the field of privacy risk management: Minimum experience between 3 and 5 years.
- Able to manage a diverse workload and multiple projects in line with multiple and varying regulatory obligations.
- Able to influence, gain consensus, unite disparate ideas with practical work/project plans; work with cross-functional teams from all areas of an organization, including offsite, remote and offshore resources.
- Work comfortably in the face of ambiguity while continuing to move work toward a goal. Form solid assumptions and make decisions and recommendations based on a diverse pool of information.
- Strong written, verbal, and presentation skills. Ability to tailor communication style to audience at hand, including technical and non-technical resources.
- Strong organizational and project management skills.
- Able to evolve and stay current with regulations, technology, industry and privacy best practices in a dynamic environment.
- Demonstrate ability to stay current of evolving technology such as cloud and mobile computing.
- Adapt well to change; able to multi-task and make effective decisions in a fast-paced, deadline-driven environment.
- Experience with and/or knowledge of privacy controls, protocols, tools, and best practices such as PCI, HIPAA, NIST, GAPP, GDPR, and Privacy by Design.
- IAPP or other privacy industry certification preferred.
Application Submission Information:
Please apply online to www.allstate.com. From within the Careers section, apply directly to 101525; or apply directly to the link: https://jobsearch.allstate.com/ShowJob/Id/1544432/Senior-Privacy-Consultant-I-Northbrook/