Data Security and Privacy Engineer

  • San Jose, CA
  • Posted 2 days ago | Updated 2 days ago

Overview

On Site
$55 - $60
Accepts corp to corp applications
Contract - W2
Contract - Independent
Contract - 12 Month(s)

Skills

Privacy
Security
Data Classification
Data Lineage
Data Retention
Encryption
Access Control
Minimization
Git
CI/CD
Scanning
SDLC
DevOps
Cloud
API
Authentication
Authorization
AppSec
Product Security
Monitoring
Observability
Logging
Governance
Communication
Compliance

Job Details

Data Security and Privacy Engineer

What We re Looking For
A practical data security practitioner;someone who can own the data security/privacy platform end-to-end, work with engineering to understand data flows, and drive real improvements in how data is collected, classified, protected, and retired. The right person will bridge engineering and compliance, enabling us to operationalize data security at scale.
Platform Administration & Engineering Integration
  • Administer and configure the data security/privacy platform.
  • Integrate the platform into source code repositories, CI/CD pipelines, and engineering systems.
  • Analyze scan results, triage anomalies/false positives, and collaborate with developers on remediation.
  • Ensure outputs are actionable and embedded into day-to-day dev workflows.
Data Flow Understanding & Classification
  • Partner with engineering to map data flows (customer, employee, PII, sensitive data).
  • Build and maintain data classification models within the platform.
  • Validate classifications with engineering teams and incorporate into design reviews.
  • Package outputs into product-level deliverables for data security posture.
Shift-Left Data Security
  • Champion a privacy by design / security by design approach in product development.
  • Integrate data security checks early in the SDLC and CI/CD pipelines.
  • Define guardrails for handling PII and sensitive data with engineering leadership.
  • Identify and fix risky data practices before release.
Data Lifecycle Management
  • Develop and enforce policies for data retention, archival, and secure deletion.
  • Minimize storage of sensitive data in non-production systems, logs, and backups.
  • Work with engineering and DevOps to ensure encryption and access control at every stage of the lifecycle.
  • Establish processes for monitoring data movement across environments (dev, test, prod, cloud).
Broader Data Security Enablement
  • Collaborate with AppSec/Product Security on secure coding practices related to data handling.
  • Work with Cloud/Infra Security teams on encryption, key management, and access controls.
  • Provide reporting on classification coverage, remediation progress, and risk trends.
  • Support compliance efforts (ISO, SOC 2, NIST PMF) by ensuring accurate data governance evidence.
Qualifications
  • 5+ years in data security, privacy engineering, or product security roles.
  • Hands-on experience with data classification/privacy platforms integrated into engineering workflows.
  • Strong technical background with source code repositories, CI/CD pipelines, and scanning tools.
  • Deep knowledge of data security practices: classification, encryption, access control, minimization, retention, deletion.
  • Experience embedding privacy/security into SDLC ( shift-left ).
  • Familiarity with compliance frameworks (ISO 27001, SOC 2, NIST Privacy Framework) as context, not focus
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.