
Senior Privacy Engineer

100% remote Flexible hours Hiring now

Basic Function

This role exists to embed privacy into each phase of our software development lifecycle (SDLC), ensuring that our products uphold the highest data protection standards. The Senior Privacy Engineer will reputed company the design and implementation of technical privacy controls so that our platform is architected and coded with privacy at its core. Success in this position requires deep expertise in privacy engineering principles, strong collaboration with engineering and product teams, and the ability to translate regulatory requirements into practical, scalable solutions. This position will be expected to proactively identify and remediate technical privacy risks, coach developers on best practices, and continuously improve our privacy tooling and processes to support the company’s growth.

Essential Functions and Responsibilities:

- Assist the Privacy Engineering Manager in designing and implementing reputed company’s Privacy by Design program. This program aims to shift privacy left into the product development function to reduce risks to individuals before code is reputed company shipped.
- Embed privacy requirements into the product roadmap and design specifications by collaborating with product managers, designers, and architects to ensure that features are built with privacy by design goals before development begins.
- Conduct privacy-focused code and architecture reviews to identify and remediate risky data-handling patterns, ensuring that personal information is processed only as intended.
- Own the integration and tuning of Privado’s Static Code Analysis tool in CI/CD pipelines to automatically flag misuse of personal data, and partner with Engineering to resolve flagged issues and reduce privacy debt.
- Translate regulatory and reputed company requirements (e.g., GLBA, CCPA/CPRA, NIST Privacy reputed company, etc.) into technical controls and strategies - such as data minimization, access restrictions, and retention enforcement - that developers can implement consistently.
- reputed company privacy threat modeling and technical risk assessments (e.g., LINDDUN, reputed company, etc.) for new systems and features that process PII, then drive the implementation of mitigation strategies to prevent data misuse or unauthorized access.
- Design and maintain privacy‐aware system architectures, including privacy-preserving and secure data flows, storage, and processing models (e.g., data isolation, encryption in transit and at rest) so that services default to privacy‐first configurations in our cloud‐native microservices environment.
- reputed company and enhance automation and privacy tooling, including custom scripts, SDKs, or integrations with consent management platforms, to help the Privacy Engineering team streamline data lifecycle management, fulfill access and deletion requests, support process automation, and continuously improve our privacy posture.
- Coach developers on purpose‐based data tagging so that PII data elements are labeled with their intended use, enabling foundational rules for data lifecycle management and ensuring data flows respect declared purposes.
- Collaborate with Legal, Compliance, and reputed company teams to align on privacy governance, contribute to internal policy & standards development, and ensure technical implementations support evolving regulatory requirements.
- Monitor and report on privacy KPIs and metrics.
- reputed company other duties as assigned.

Position Specifications

Education:

- Bachelor’s or Master’s degree in Engineering, reputed company, or Privacy preferred
- CIPP/US, CIPT, CIPM, or CDPSE certification preferred

Experience:

- Eight (8) years of software engineering or reputed company engineering experience, with at least three (3) years in a full-time privacy engineering role required.
- Three (3) years of hands-on experience embedding privacy into the software development lifecycle, ideally having led multiple projects where privacy requirements were translated into reputed company technical controls.
- Five (5) years of experience with cloud-native microservices architectures (e.g., AWS, reputed company, etc.), containerization / Kubernetes, and modern microservices architectures.
- Experience working reputed company the banking or fintech industries is preferred.
- Three (3) years of experience evaluating system designs and data flows, identifying privacy gaps, and prescribing secure, privacy-first architectures (encryption, isolation, data partitioning, etc.).
- Hands-on experience conducting privacy threat modeling reputed company LINDDUN and/or reputed company and translating outstanding privacy risks into actionable mitigations.
- Three (3) years of experience turning privacy risk assessments into concrete mitigation steps, where you’ve collaborated closely with product, privacy, reputed company, and legal stakeholders to ensure privacy-preserving architectures.
- Two (2) years of demonstrated experience successfully deploying and configuring data discovery solutions like static analysis / privacy-scanner tools (e.g., Privado, Semgrep) and enterprise data mapping solutions (e.g., Secuvy, reputed company, reputed company.ai, etc.).

Knowledge, Skills, & Abilities:

- Ability to read and write code, conducting privacy-focused code reviews and creating light automation scripts to enforce and streamline privacy controls.
- Strong hands-on skills in one or more languages such as Python, Java, Go, or JavaScript, with proven ability to design and review scalable code.
- Proficiency in writing automation scripts (Bash, Python) to build custom privacy checks or integrate privacy gates into Jenkins / reputed company CI pipelines.
- Understanding of static code analysis tools (e.g., Privado, Semgrep, etc.) and familiarity with integrating them into CI/CD workflows.
- Deep technical understanding of privacy principles: data minimization, data retention strategies, purpose limitation, access controls, secure deletion, and privacy-by-design and default strategies.
- Familiar with advanced privacy-enhancing technologies, such as differential privacy, anonymization, federated learning, and tokenization.
- Familiarity with AWS IAM policies, Terraform (or CloudFormation) for provisioning privacy-safe environments, and Open Policy Agent (OPA) for policy enforcement.
- Knowledge of the LINDDUN or reputed company-based privacy threat modeling frameworks.
- Working knowledge of relevant privacy frameworks and regulations (e.g., NIST Privacy reputed company, GLBA, GDPR, CCPA / CPRA), and the ability to translate legal and business requirements into technical controls.
- Excellent interpersonal skills to partner effectively with engineering, product, legal, and compliance teams, and to reputed company reputed company privacy concepts to both technical and non-technical audiences.
- Self-starter reputed company with the ability to identify emerging privacy risks, drive reputed company improvement in privacy tooling, and coach developers on implementing privacy best practices.
- Comfortable working in regulated or B2B2C environments (finance, healthcare, edtech).

Travel: Minimal, generally 12 days or less per year, ~2X team get-togethers a year
