HiringCafe
Posted 1mo ago

IT Privacy Engineer

@ The Aspen Group
View All Jobs
Chicago, Illinois, United States
$130k-$150k/yrOnsiteFull Time
Responsibilities:Administer OneTrust, Design pipelines, Integrate systems
Requirements Summary:5+ years in privacy engineering or related security/compliance; OneTrust experience (2+ modules); knowledge of GDPR/CCPA/HIPAA; Bachelor's in CS/IS/Info Assurance; 130k-150k salary; cloud and automation skills.
Technical Tools Mentioned:OneTrust, Data Mapping, DSAR Automation, Cookie Consent, Vendor Risk Management, PIA/DPIA, REST APIs, Scripting, Python, JavaScript, PowerShell, Terraform, AWS, Azure, GCP, Splunk, Chronicle, Collibra, Alation
Save
Mark Applied
Hide Job
Report & Hide
Job Description

The Aspen Group (TAG) is one of the largest and most trusted retail healthcare business support organizations in the U.S. and has supported over 20,000 healthcare professionals and team members with close to 1,500 health and wellness offices across 48 states in four distinct categories: dental care, urgent care, medical aesthetics, and animal health. Working in partnership with independent practice owners and clinicians, the team is united with a single purpose: to prove that healthcare can be better and smarter for everyone. TAG provides a comprehensive suite of centralized business support services that power the impact of five consumer-facing businesses: Aspen Dental, ClearChoice Dental Implant Centers, WellNow Urgent Care, Chapter Aesthetic Studio, and Lovet. Each brand has access to a deep community of experts, tools and resources to grow their practices, and an unwavering commitment to delivering high-quality consumer healthcare experiences at scale.

As a reflection of our current needs and planned growth we are very pleased to offer a new opportunity to join our dedicated team as a IT Privacy Engineer.

Job Overview:

A Privacy Engineer designs, implements, and maintains privacy controls and data protection capabilities across the enterprise, with a primary focus on the OneTrust platform. This role is responsible for operationalizing privacy regulations into technical workflows, building and optimizing data mapping and discovery pipelines, managing consent and preference frameworks, and enabling scalable compliance across business units. The Privacy Engineer partners closely with Legal, Information Security, Engineering, and Governance teams to embed privacy-by-design principles into systems, products, and data practices. This role requires a combination of hands-on technical expertise with privacy management platforms and a strong working knowledge of global privacy regulations.

Essential Job Duties:

  • Administer, configure, and optimize the OneTrust platform across modules including Data Mapping & Discovery, Privacy Rights Automation (DSAR), Cookie Consent, Vendor Risk Management, and Assessment Automation (PIA/DPIA)

  • Design and maintain data discovery and classification pipelines to identify, inventory, and map personal and sensitive data across structured and unstructured environments

  • Build and manage automated Data Subject Access Request (DSAR) workflows, ensuring timely and compliant fulfillment across all applicable jurisdictions

  • Implement and maintain cookie consent banners, preference centers, and universal consent mechanisms aligned with GDPR, CCPA/CPRA, and emerging state and global privacy laws

  • Integrate OneTrust with enterprise systems including CMDB, IAM/SSO (Entra, Okta), SIEM/SOAR, HRIS, CRM, and cloud platforms via APIs, connectors, and custom scripting

  • Develop and execute Privacy Impact Assessments (PIAs) and Data Protection Impact Assessments (DPIAs) within OneTrust, collaborating with business stakeholders to identify and mitigate privacy risks

  • Design and implement Data Loss Prevention (DLP) and redaction controls in partnership with Information Security to prevent unauthorized disclosure of personal or regulated data

  • Collaborate with Legal and Compliance to translate regulatory requirements (GDPR, CCPA/CPRA, HIPAA, state privacy laws, etc.) into enforceable technical controls and platform configurations

  • Create and maintain privacy program artifacts including data flow diagrams, processing records (RoPA), policy-as-code configurations, and risk assessment documentation

  • Monitor, log, and audit privacy-related events for policy violations, regulatory reporting, and incident correlation; generate dashboards and compliance reports from OneTrust

  • Support privacy incident response by building breach detection workflows, notification timelines, and regulatory reporting mechanisms within OneTrust

  • Contribute to the development of enterprise privacy standards, playbooks, and architectural patterns that scale across lines of business

  • Stay current on evolving global privacy regulations, enforcement trends, and OneTrust platform updates; advise stakeholders on their operational impact

  • Automate privacy compliance checks, assessment workflows, and remediation tracking for scale and operational efficiency

Skills and Experience

  • At least 5+ years' experience in privacy engineering, data protection, or a related compliance/security engineering discipline

  • Hands-on experience administering and configuring OneTrust, including at least two of the following modules: Data Mapping, DSAR Automation, Cookie Consent, Assessment Automation, or Vendor Risk Management

  • Strong understanding of global privacy regulations including GDPR, CCPA/CPRA, HIPAA, and U.S. state privacy laws

  • Experience integrating privacy platforms with enterprise systems via REST APIs, webhooks, and middleware

  • Familiarity with data discovery and classification tools (e.g., Informatica, BigID, or native OneTrust discovery)

  • Solid understanding of data architecture concepts including data lineage, cataloging, and metadata management

  • Experience with secure software development practices and privacy-by-design principles

  • Excellent problem-solving, communication, and cross-functional collaboration skills

  • Track record of acting with integrity, taking pride in work, seeking to excel, being curious and adaptable, and communicating effectively.

Additional Qualifications

  • Experience with applications hosted in Google Cloud Platform (GCP), Amazon Web Services (AWS), or Microsoft Azure

  • Proficiency with scripting in Python, JavaScript, PowerShell, or similar languages for automation and integration tasks

  • Proficiency with Terraform, infrastructure-as-code, and cloud automation practices

  • Prior experience with SIEM/logging platforms (e.g., Chronicle, Splunk) for privacy event monitoring and audit

  • Experience with one or more of the following frameworks: ISO 27701, ISO 27001, NIST Privacy Framework, NIST AI RMF, PCI DSS, SOC 2, or EU AI Act

  • Working knowledge of Windows, Linux, and Unix environments

  • Familiarity with data governance platforms (e.g., Collibra, Alation) and their interaction with privacy tooling

  • Highly trustworthy; leads by example

Education Requirements

  • Bachelor's degree in computer science, information systems, information assurance, or related field, or equivalent experience

Experience Requirements

  • 5-7+ years of related experience required

Certification Requirements

  • IAPP certifications strongly preferred: CIPP/US, CIPP/E, CIPM, or CIPT

  • OneTrust Certified Professional (or willingness to obtain within 6 months)

  • Additional certifications valued: CISSP, CISM, ISO 27701 Lead Implementer, or FIP (Fellow of Information Privacy)

Annual Salary Range: $130,000-$150,000/year, with a generous benefits package that includes paid time off, health, dental, vision, and 401(k) savings plan with match.

If you are an applicant residing in California, please view our privacy policy here: https://careers.aspendental.com/us/en/tag-privacy-policy-for-california-employees