Privacy Risk Consultant - Education & Incident Management

As our Privacy Risk Consultant - Education & Incident Management, you’ll play a key role in safeguarding our data and upholding trust by guiding how we handle personal information and artificial intelligence (AI). You’ll collaborate with teams across the enterprise—legal, compliance, business operations, data and AI governance, and technology—to ensure we’re compliant, thoughtful, and forward-looking in how we manage data and privacy.

WHAT WE CAN OFFER YOU:

• Estimated Salary: $99,000 -$112,000, plus annual bonus opportunity.
• 401(k) plan with a 2% company contribution and 6% company match.
• Work-life balance with vacation, personal time and paid holidays. See our benefits and perks page for details.
• Applicants for this position must not now, nor at any point in the future, require sponsorship for employment. 

WHAT YOU'LL DO:

• Lead cross-functional teams to investigate and remediate privacy incidents, ensuring timely resolution, consistent handling, and alignment with enterprise-wide privacy policies and standards.
• Lead or contribute to cross-functional efforts to identify, assess, and mitigate current and emerging privacy risks, ensuring risks are understood and effectively managed across the enterprise.
• Develop and deliver privacy and information management education that translates complex regulatory requirements into clear, practical, and engaging learning experiences for business and technical audiences, using multi-modal materials (visual, verbal, written, scenario-based, interactive) tailored to varied learning styles and roles across the organization.
• Stay current on evolving privacy and AI laws and regulations and advise on their impact to business and technical processes, contracts, vendors, and data use. .
• Lead privacy impact assessments of data use by internal stakeholders and vendors, applying federal and state regulations (e.g., HIPAA, GLBA, CCPA) to real-world business scenarios and consulting on controls to reduce risk.
• Consult on enterprise initiatives, high-risk vendors, and contracts to ensure compliant use and sharing of personal data, and partner with stakeholders to implement necessary safeguards.
• Provide guidance and create business-oriented playbooks regarding permissible data access and use, data minimization, data lifecycle management, and consumer privacy rights, helping embed privacy into the design of new systems, tools, and processes.
• Manage and respond to data subject access requests and support periodic monitoring and testing of privacy and information management controls, helping identify issues and assist business teams with appropriate remediation as needed.

WHAT YOU’LL BRING:

• A strong background in privacy, data protection, or regulatory compliance, with working knowledge of U.S. privacy laws such as HIPAA, GLBA, and CCPA, and U.S. AI regulations.
• A demonstrated ability to simplify complex, nuanced subject matter (such as HIPAA privacy requirements) and adapt communication and teaching methods to meet audiences where they are—anticipating different levels of familiarity with the subject matter and creating audience-appropriate content that resonates, engages, and drives real behavior change.Experience applying legal and regulatory frameworks to real-world business practices and partnering across legal, compliance, business, and technical teams.
• Strategic and analytical mindset focused on enabling compliant business solutions, identifying risks, driving resolutions, and monitoring implementation through effective project management.
• A foundational understanding of digital privacy, Generative AI, predictive models, machine learning, cloud-based data platforms (e.g. AWS, Snowflake), metadata management, data governance, and data lifecycle management.
• Knowledge of risk and compliance frameworks, tools, and systems to support privacy risk identification, assessment, and mitigation.
• Ability to lead cross-functional initiatives, influence stakeholders, and drive consensus on privacy and compliance decisions.
• Commitment to fostering a culture of diversity and inclusion, value different perspectives, and approaching challenges with curiosity and courage.
• Able to work remotely with access to a high-speed internet connection and located in the United States or Puerto Rico.

PREFERRED:

• 2 -4 years of experience in privacy compliance.
• Familiarity with financial services, insurance, health, or banking sectors.
• CIPP/US, CIPM, CIPT or equivalent privacy or security certifications
• General knowledge of technologies required to assess, create, and deploy privacy solutions.

We value diverse experience, skills, and passion for innovation. If your experience aligns with the listed requirements, please apply! 

If you have questions about your application or the hiring process, email our Talent Acquisition area at careers@mutualofomaha.com. Please allow at least one week from time of applying if you are checking on the status.

Stay Safe from Job Scams
Mutual of Omaha only accepts applications from mutualofomaha.com/careers. Legitimate communications will come from '@mutualofomaha.com.' We never request sensitive information or extend job offers without conducting interviews. For more details, check our Hiring FAQs. Stay alert for scams and apply securely!

Fair Chance Notices