Privacy Risk & Compliance Lead Consultant - Chicago, IL (Remote)

At Allstate, great things happen when our people work together to protect families and their belongings from life’s uncertainties. And for more than 90 years our innovative drive has kept us a step ahead of our customers’ evolving needs. From advocating for seat belts, air bags and graduated driving laws, to being an industry leader in pricing sophistication, telematics, and, more recently, device and identity protection. 

Job Description

The Privacy Risk & Compliance Lead Consultant will be a member of the Enterprise Business Conduct (EBC) unit responsible for the strategy and execution of combined ethics, compliance, and privacy risk management program, providing business advice on highly complex and/or sensitive matters that contribute to overall corporate risk management.

The individual will take a lead role in executing the risk management strategy and conducting combined ethics, compliance and privacy risk assessments including vendor risk management, and ethics, compliance or privacy spot-checks. Exercises solid abilities in managing an information lifecycle.

The individual must understand business objectives and strategies, technologies, and have a fundamental knowledge of key program elements for ethics, compliance, and privacy programs. In this role, the person directs and/or partners with other enterprise subject matter experts including business areas, risk, technology, cybersecurity and law & regulation.

All EBC associates should demonstrate change resilience and execute processes effectively and efficiently with a focus on continuous improvement and digitization when appropriate. The role entails regular interactions with department and other business leaders.

We are looking for a highly motivated and action-oriented privacy risk and compliance professional!

In this role, you will support the team that designs, develops, implements, and maintains the global privacy and regulatory compliance programs at Allstate. You will be responsible for conducting the privacy and compliance impact assessments that evaluate whether new technologies or proposed new uses or sharing of personal information meet privacy requirements to ensure risks are appropriately mitigated.

We need a strong contributor who can drive the execution of multiple projects, while partnering with the broader legal and compliance teams. The successful candidate will be a compliance professional who is passionate about ensuring privacy compliance while providing exceptional internal business partner experiences and promoting digital trust and transparency. In this role, the person partners with other enterprise subject matter experts including business areas, risk, technology, cybersecurity and law & regulation. 

Responsibilities:

• Conducts, reviews, and documents privacy impact assessments / data protection impact assessments in accordance with privacy best practices and global standards
• Has a solid understanding of the information lifecycle and can provide guidance and expertise on privacy requirements and standards
• Provides guidance, consultation, subject matter expertise and thought leadership in the privacy space including partnering with third party and security risk groups
• Takes a strong role to help ensure privacy by design through functional knowledge of professional standards and trends along with an understanding of core business processes
• Assists in establishing, managing, and monitoring appropriate privacy controls
• Collaborates with security and procurement risk groups to assess supplier risk holistically
• Assists in the proactive build of a strong compliance and privacy mindset to ensure these programs remain a company priority
• Identifies and can remove barriers to change and recommends new methods that contribute to executing compliance or privacy operations; identifies opportunities and implements process design and optimization
• Self directs own work and may provide some coaching, performance feedback, and final review/approval for the work of others
• Provides guidance to team and clients who develop, evaluate, share, and implement tangible ideas and materials to ensure compliance and privacy controls are appropriate
• Demonstrate change resilience and execute processes effectively and efficiently with a focus on continuous improvement and digitization when appropriate.
• Assist in the proactive build of a strong privacy and compliance mindset by collaborating with business teams to integrate privacy measures into design and implementation of projects / new initiatives
• Prepares metrics to provide insights on program performance

Supervisory Responsibilities:

• This job does not have supervisory duties.

Education and Experience:

• 4-year Bachelors Degree (Preferred)
• 5 or more years of experience (Preferred)
• Privacy certification such as IAPP Certified Information Privacy Professional or similar preferred
• Strong experience with and/or knowledge of privacy controls, protocols, tools, and best practices such as PCI, HIPAA, NIST, GDPR, CCPA and Privacy by Design

Functional Skills:

• Ability to influence, gain consensus, and seek ways to unite disparate ideas with practical work/project plans; work with cross-functional teams from all areas of an organization, including offsite, remote, and offshore resources
• Remain comfortable in the face of ambiguity while continuing to move work toward a goal
• Form solid assumptions and make decisions and recommendations based on a diverse pool of information
• Highly functional written, verbal, and presentation skills
• Ability to identify and adapt to communication styles of different audiences, including technical and non-technical resources
• Strong organizational and project management skills
• Recognizes gaps in process governance, and assists in the design and implementation of holistic solutions
• Ability to evolve and stay current with regulations, technology, industry, ethics, and privacy best practices in a dynamic environment
• Computer skills, including MS Office suite, used in or related to the tasks performed
• Thrives in change; able to multi-task and make effective decisions in a fast-paced, deadline-driven environment

#LI-PC1

Skills

Compensation

Compensation offered for this role is $92,560.00 - 166,465.00 annually and is based on experience and qualifications.

The candidate(s) offered this position will be required to submit to a background investigation.

Joining our team isn’t just a job — it’s an opportunity. One that takes your skills and pushes them to the next level. One that encourages you to challenge the status quo. And one where you can impact the future for the greater good.  

You’ll do all this in a flexible environment that embraces connection and belonging. And with the recognition of several inclusivity and diversity awards, we’ve proven that Allstate empowers everyone to lead, drive change and give back where they work and live. 

Good Hands. Greater Together.

Allstate generally does not sponsor individuals for employment-based visas for this position.

Effective July 1, 2014, under Indiana House Enrolled Act (HEA) 1242, it is against public policy of the State of Indiana and a discriminatory practice for an employer to discriminate against a prospective employee on the basis of status as a veteran by refusing to employ an applicant on the basis that they are a veteran of the armed forces of the United States, a member of the Indiana National Guard or a member of a reserve component.

For jobs in San Francisco, please click “here” for information regarding the San Francisco Fair Chance Ordinance.
For jobs in Los Angeles, please click “here” for information regarding the Los Angeles Fair Chance Initiative for Hiring Ordinance.

To view the “EEO is the Law” poster click “here”. This poster provides information concerning the laws and procedures for filing complaints of violations of the laws with the Office of Federal Contract Compliance Programs

To view the FMLA poster, click “here”. This poster summarizing the major provisions of the Family and Medical Leave Act (FMLA) and telling employees how to file a complaint.

It is the Company’s policy to employ the best qualified individuals available for all jobs. Therefore, any discriminatory action taken on account of an employee’s ancestry, age, color, disability, genetic information, gender, gender identity, gender expression, sexual and reproductive health decision, marital status, medical condition, military or veteran status, national origin, race (include traits historically associated with race, including, but not limited to, hair texture and protective hairstyles), religion (including religious dress), sex, or sexual orientation that adversely affects an employee's terms or conditions of employment is prohibited. This policy applies to all aspects of the employment relationship, including, but not limited to, hiring, training, salary administration, promotion, job assignment, benefits, discipline, and separation of employment.