Location: San Jose, CA – Onsite
Duration: 6 Months Contract
Experience Required: 8–12 Years
We are seeking an experienced GRC Consultant with strong hands-on expertise in OneTrust Privacy, Data Compliance, and Consent Management. This role will focus on driving enterprise-wide data privacy programs, ensuring regulatory compliance, and optimizing governance frameworks.
The ideal candidate will have a deep understanding of global privacy regulations, enterprise risk processes, and data governance best practices.
Administer, configure, and optimize the OneTrust Data Compliance & Consent Management Platform.
Support modules such as:
Privacy Assessments (PIA/DPIA)
Data Subject Access Requests (DSARs)
Vendor Risk Management
Cookie & Consent Management
Data Mapping & Inventory
Ensure accurate policy configuration, workflow design, data classification, and automation setup.
Support enterprise-wide privacy programs aligned with major regulations like GDPR, CCPA, CPRA, HIPAA, ISO 27001, etc.
Manage the full lifecycle of DSAR requests, ensuring timely acknowledgement, validation, fulfillment, and closure.
Facilitate privacy risk assessments and track remediation activities.
Implement GRC frameworks, ensuring alignment with organizational policies and regulatory expectations.
Conduct risk analysis, identify control gaps, and recommend mitigation strategies.
Work closely with data owners, IT, security, and compliance teams to maintain continuous governance.
Use OneTrust to perform vendor risk assessments, manage questionnaires, and track vendor compliance posture.
Review and validate third-party security controls, data handling practices, and SLAs.
Prepare dashboards and reports for leadership, covering:
DSAR metrics
Risk findings
Assessment progress
Consent analytics
Maintain documentation for policies, procedures, and operating manuals.
Work with Security, Legal, Privacy, Engineering, and Product teams to ensure data governance alignment.
Serve as SME for privacy tools, best practices, and compliance automation.
8–12 years of experience in GRC, Data Privacy, Risk Management, or Compliance.
Strong hands-on expertise in OneTrust modules (mandatory).
Deep understanding of GDPR, CCPA, CPRA, SOX, ISO 27001, NIST frameworks.
Strong analytical skills to assess risk and recommend controls.
Excellent communication & stakeholder management abilities.
Experience in consent management, data discovery, and governance processes.
Ability to work onsite in a fast-paced environment in San Jose, CA.