OneMain Financial Jobs

Responsibilities:

Privacy Program Operations

• Implement and maintain the Corcepts privacy program, including policies, guidelines, and work instructions
• Operationalize privacy requirements under applicable data protection laws (e.g., GDPR, UK GDPR, CCPA, U.S. state privacy laws, and other global regulations)
• Maintain records of processing activities (RoPA), data inventories, and supporting documentation
• Support privacy-by-design principles in business processes and systems

Data Subject Rights and Incident Management

• Own and manage the intake, tracking, and fulfillment of data subject rights requests (DSARs), including access, deletion, correction, and objection requests
• Support privacy incident and breach response activities, including intake, triage, investigation support, documentation, and remediation tracking
• Coordinate with internal stakeholders to ensure timely, accurate, and well documented responses within statutory deadlines

Privacy Risk Management

• Coordinate and perform privacy impact assessments / data protection impact assessments (PIAs/DPIAs) in collaboration with IT and business teams
• Identify operational privacy risks and recommend mitigation strategies
• Support internal audits, inspections, and regulatory inquiries related to privacy

Vendor Privacy Support

• Support vendor privacy due diligence and onboarding processes, including privacy questionnaires and risk assessments
• Assist with the operational implementation of data processing agreements and privacy-related contractual requirements
• Track and monitor privacy obligations applicable to vendors

Training, Awareness and Enablement

• Develop and deliver role-based privacy training and awareness materials
• Act as a point of contact for business teams on operational privacy questions
• Promote a culture of privacy, accountability, and data protection across the organization

Reporting and Continuous Improvement

• Track and report on privacy metrics and key performance indicators (KPIs)
• Identify opportunities to streamline and automate privacy processes and workflows
• Monitor regulatory developments and recommend operational enhancements as needed

Preferred Skills, Qualifications and Technical Proficiencies:

• Hands-on experience operationalizing privacy programs in a regulated environment, preferably pharmaceuticals, biotech, or life sciences
• Strong working knowledge of global privacy frameworks, including GDPR, CCPA and U.S. privacy laws
• Demonstrated experience managing DSARs, PIAs/DPIAs, and privacy incident workflows
• Familiarity with Privacy management and workflow tools (e.g., OneTrust or similar platforms), Data mapping, RoPA, and DSAR management tools
• Familiarity with information security and IT concepts (e.g., access controls, encryption, data lifecycle management)
• Proficiency with Microsoft 365 tools (Excel, Word, PowerPoint, Teams) for documentation and reporting
• Ability to translate legal requirements into clear, practical operational processes
• Strong project management, organizational, and documentation skills
• Excellent communication skills with the ability to work effectively across legal, technical, and business teams

Preferred Education and Experience:

• 7+ years of experience in privacy and data protection, preferably in the pharmaceutical/biotech/life sciences industry
• Bachelors degree required
• Relevant privacy or compliance certifications preferred, such as:
  • Certified Information Privacy Manager (CIPM)
  • Certified Information Privacy Professional (CIPP/US, CIPP/E, or equivalent)

The pay range that the Company reasonably expects to pay for this headquarters-based position is $193,770 - $227,880; the pay ultimately offered may vary based on legitimate considerations, including geographic location, job-related knowl dge, skills, experience, and education.

Applicants must be currently authorized to work in the United States on a full-time basis.

For information on how Corcept collects, uses, discloses, protects, and otherwise processes personal information and an explanation of the rights and choices available to you with respect to your personal information, please refer to ourPrivacy Notice link.

Corcept appreciates the commitment and hard work of all our team members as we strive to discover and develop novel treatments for patients with serious unmet medical needs.

Please visit our website at:

Corcept is an Equal Opportunity Employer

Corcept will not conduct interviews via text message or messaging platforms and will not ask you to download anything as part of your interview. Though we use third-party tools to help with advertising our jobs, please be vigilant in checking that the communication is in fact coming from Corcept.