Data Security & Privacy Contractor

Overview

On Site
Accepts corp to corp applications
Contract - W2
Contract - Independent
Contract - 12 Month(s)

Skills

Compliance
CI/CD
Data Security
NIST
DATA FLOW

Job Details

Role: : Data Security & Privacy Contractor
Job Type: Contract (6 months, extension possible)
Location: San Jose(From Day 1 Onsite)

Role Overview:

We are seeking a hands-on Data Security & Privacy Contractor to embed privacy and security into our development lifecycle. This role will act as the administrator of our data security/privacy platform, connecting it into engineering environments, driving data classification, data flow and lineage and partnering with teams to secure data flows. The focus is on enabling a shift-left model where data governance and protection become part of how products are designed, built, and released.

Key Responsibilities:

Platform Administration & Engineering Integration

  • Administer and configure the data security/privacy platform.
  • Integrate the platform into source code repositories, CI/CD pipelines, and engineering systems.
  • Analyze scan results, triage anomalies/false positives, and collaborate with developers on remediation.
  • Ensure outputs are actionable and embedded into day-to-day dev workflows.

Data Flow Understanding & Classification

  • Partner with engineering to map data flows (customer, employee, PII, sensitive data).
  • Build and maintain data classification models within the platform.
  • Validate classifications with engineering teams and incorporate into design reviews.
  • Package outputs into product-level deliverables for data security posture.

Shift-Left Data Security

  • Champion a "privacy by design / security by design" approach in product development.
  • Integrate data security checks early in the SDLC and CI/CD pipelines.
  • Define guardrails for handling PII and sensitive data with engineering leadership.
  • Identify and fix risky data practices before release.

Data Lifecycle Management

  • Develop and enforce policies for data retention, archival, and secure deletion.
  • Minimize storage of sensitive data in non-production systems, logs, and backups.
  • Work with engineering and DevOps to ensure encryption and access control at every stage of the lifecycle.
  • Establish processes for monitoring data movement across environments (dev, test, prod, cloud).

Broader Data Security Enablement

  • Collaborate with AppSec/Product Security on secure coding practices related to data handling.
  • Work with Cloud/Infra Security teams on encryption, key management, and access controls.
  • Provide reporting on classification coverage, remediation progress, and risk trends.
  • Support compliance efforts (ISO, SOC 2, NIST PMF) by ensuring accurate data governance evidence.

Qualifications

  • 5+ years in data security, privacy engineering, or product security roles.
  • Hands-on experience with data classification/privacy platforms integrated into engineering workflows.
  • Strong technical background with source code repositories, CI/CD pipelines, and scanning tools.
  • Deep knowledge of data security practices: classification, encryption, access control, minimization, retention, deletion.
  • Experience embedding privacy/security into SDLC ("shift-left").
  • Familiarity with compliance frameworks (ISO 27001, SOC 2, NIST Privacy Framework) as context, not focus.
  • Excellent communication skills to align engineering and compliance stakeholders.

Thanks & Regards,
Shubham Kumar
Last Word Consulting Inc.
Direct: +1
Office: +1- Ext 418
Email:

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.