Risk Assessment Senior Consultant
Where good people build rewarding careers.
Think that working in the insurance field can't be exciting, rewarding and challenging? Think again. You'll help us reinvent protection and retirement to improve customers' lives. We'll help you make an impact with our training and mentoring offerings. Here, you'll have the opportunity to expand and apply your skills in ways you never thought possible. And you'll have fun doing it. Join a company of individuals with hopes, plans and passions, all using and developing our talents for good, at work and in life.
The Privacy - Governance of Personal Information (GPI) Consultant is responsible for driving activities that support the identification, analysis, mitigation, management, and reporting of privacy risk. The Consultant performs analysis to mitigate risks, conducts research to identify emerging trends in privacy risk management and risk mitigation, and participates the implementation of programs that ensure or improve the effectiveness of Privacy - GPI, privacy risk management and protection strategies.
- Serve as a trusted GPI advisor to business and technology partners through demonstration of a strategic understanding of the partner's business, mission and goals, and support business initiatives in a complex and evolving risk landscape.
- Perform impact and/or risk assessments and analysis to isolate, describe and resolve both real and potential privacy threats that can affect Allstate's technology and business environment.
- Identify and recommend appropriate measures to manage and mitigate risks and reduce potential impact to personal information to a level acceptable to the senior management of the company.
- Review complex changes in company processes, standards, and technology to ensure the effectiveness of privacy risk mitigation strategies.
- Consult with stakeholders on requirements for new and existing business / technology solutions.
- Understand business requirements and work to define appropriate solutions and controls while meeting business goals and objectives.
- Participate in company processes, standards and technology to ensure the effectiveness of privacy and security controls to meet compliance requirements.
- Maintain awareness of current privacy best practices, industry standards, reference, data models and regulatory compliance to understand and evaluate potential areas of risk to personal information.
- Research and analyze technology and business impact and exposure based on emerging privacy and security threats, vulnerabilities, and risks.
- Support risk-based decision making through the use of portfolio models, privacy and security risk controls, matrix, and predictive modeling.
- Champion the integration of Privacy - GPI Information activities into Allstate day to day processes including work intake and project management processes.
- Promote and consult on the positions that help strengthen and secure the organization by either following standards or helping direct others on technology positions.
- Be a liaison and subject matter expert for the organization's GPI privacy, policies, procedures, and best practices.
- Other duties as assigned.
- Education: college degree or equivalent work experience in the field of privacy and or information security. 3-5 years' experience of IT, security and/or privacy experience
- Certifications: Privacy and/or security preferred.
- Able to manage a diverse workload and multiple projects at the same time and keep track of multiple and varying regulatory obligations.
- Able to gain consensus, unite disparate ideas with practical work/project plans; work with a cross-section of individuals in all areas of an organization, and have effective presentation and influencing skills.
- Work comfortably in the face of ambiguity while continuing to move work toward a goal. Form solid assumptions and make decisions and recommendations based on a diverse pool of information.
- Demonstrates ability to participate in cross functional teams, including offsite, remote and offshore resources.
- Strong written, verbal communication skills. Ability to tailor communication style to audience at hand.
- Ability to effectively communicate with technical and non-technical resources.
- Strong organizational and project management skills.
- Able to evolve and stay current with regulations, technology, industry and best practices for IT, security and privacy in a dynamic environment.
- Demonstrates ability to stay abreast securing evolving technology such as cloud and mobile computing.
- Adapts well to change; able to multi-task and make effective decisions in a fast-paced, deadline-driven environment.
- Experience with and/or knowledge of privacy and security controls, protocols, tools and systems such as PCI, HIPAA, NIST, ISO (2700X), GAPP, Privacy by Design.
- IAPP certification expected within 1 year of hire.
The candidate(s) offered this position will be required to submit to a background investigation, which includes a drug screen.
Good Work. Good Life. Good Hands®.
As a Fortune 100 company and industry leader, we provide a competitive salary – but that's just the beginning. Our Total Rewards package also offers benefits like tuition assistance, medical and dental insurance, as well as a robust pension and 401(k). Plus, you'll have access to a wide variety of programs to help you balance your work and personal life -- including a generous paid time off policy.
Learn more about life at Allstate. Connect with us on Twitter, Facebook, Instagram and LinkedIn or watch a video.
Allstate generally does not sponsor individuals for employment-based visas for this position.
Effective July 1, 2014, under Indiana House Enrolled Act (HEA) 1242, it is against public policy of the State of Indiana and a discriminatory practice for an employer to discriminate against a prospective employee on the basis of status as a veteran by refusing to employ an applicant on the basis that they are a veteran of the armed forces of the United States, a member of the Indiana National Guard or a member of a reserve component.
For jobs in San Francisco, please see the notice regarding the San Francisco Fair Chance Ordinance.
For jobs in Los Angeles, please seethe notice regarding the Los Angeles Ordinance.
It is the policy of Allstate to employ the best qualified individuals available for all jobs without regard to race, color, religion, sex, age, national origin, sexual orientation, gender identity/gender expression, disability, and citizenship status as a veteran with a disability or veteran of the Vietnam Era.
Meet Some of Allstate's Employees
Director Of Technology Strategy
Josh is constantly looking for opportunities for Allstate to use technology and computer software in innovative ways that continue to build on the company’s core strengths.
Back to top