Security Engineer - Privacy
About the Role:
As a Security Engineer on Privacy at Gusto, you will play a crucial role in maintaining and enhancing our privacy programs. You will leverage your technical expertise to ensure privacy considerations are integrated into product design, development, and compliance processes. Your focus will be on developing and maintaining privacy solutions, particularly related to data deletion systems, Data Subject Access Rights (DSAR) integrations, and the upkeep of our privacy management system and Data Discovery Scanners.
About the Team:
Our Privacy Engineering team, as part of Gusto’s Security organization, focuses on designing and implementing privacy-preserving product and internal solutions.The Security team’s mission is to be the most trustworthy place for customer data, and Privacy Engineering provides the technical expertise to achieve that goal. Members of the team are champions for user privacy. We collaborate closely with legal and product engineering teams to translate legal requirements into engineering solutions and ensure our products meet the highest standards for privacy.
Here’s what you’ll do day-to-day:
Privacy Solutions Development: Design and implement systems for data deletion and DSAR integrations within our privacy management platforms. Ensure these solutions are scalable, efficient, and compliant with global privacy regulations.
Privacy Systems Maintenance: Oversee the maintenance and updates of our privacy management system, orchestration tools, and infrastructure ensuring it aligns with the latest privacy laws and company policies. Work closely with cross-functional teams to implement changes and improvements.
Data Discovery and Mapping: Manage and enhance Data Discovery Scanners to ensure accurate mapping and inventory of personal data across business systems. Use these tools to support compliance with HIPAA, GDPR, CCPA, CPRA, and other relevant regulations.
Technical Compliance Integration: Translate privacy laws and requirements into technical specifications for development teams. Ensure that privacy by design is incorporated into all stages of product and system development.
Collaboration and Support: Partner with legal, compliance, engineering, and product teams to provide technical support and guidance on privacy-related projects. Act as a liaison to ensure seamless integration of privacy solutions across various departments.
Here’s what we're looking for:
Minimum 5 years of experience in technical privacy engineering, security engineering, or data protection roles and minimum 3 years of experience in software engineering roles.
Proficiency in developing and maintaining privacy management systems and data discovery tools.
Proficiency in Ruby on Rails, Python, and AWS infrastructure
Strong understanding of privacy laws and technical compliance measures, including experience with DSAR orchestration processes.
Excellent problem-solving and communication skills, with the ability to work collaboratively across teams.
Nice to Have:
Experience with privacy management platforms like OneTrust.
IAPP Certified Information Privacy Technologist (CIPT) certification or equivalent.
Familiarity with data anonymization, pseudonymization, and encryption techniques.
Our cash compensation amount for this role is targeted at $175,000/yr to $190,000/yr in Denver & most remote locations, and $210,000/yr to $230,000/yr in New York & San Francisco Bay Area. Stock equity is additional. Final offer amounts are determined by multiple factors including candidate experience and expertise and may vary from the amounts listed above.
About the job
Apply for this position
Security Engineer - Privacy
About the Role:
As a Security Engineer on Privacy at Gusto, you will play a crucial role in maintaining and enhancing our privacy programs. You will leverage your technical expertise to ensure privacy considerations are integrated into product design, development, and compliance processes. Your focus will be on developing and maintaining privacy solutions, particularly related to data deletion systems, Data Subject Access Rights (DSAR) integrations, and the upkeep of our privacy management system and Data Discovery Scanners.
About the Team:
Our Privacy Engineering team, as part of Gusto’s Security organization, focuses on designing and implementing privacy-preserving product and internal solutions.The Security team’s mission is to be the most trustworthy place for customer data, and Privacy Engineering provides the technical expertise to achieve that goal. Members of the team are champions for user privacy. We collaborate closely with legal and product engineering teams to translate legal requirements into engineering solutions and ensure our products meet the highest standards for privacy.
Here’s what you’ll do day-to-day:
Privacy Solutions Development: Design and implement systems for data deletion and DSAR integrations within our privacy management platforms. Ensure these solutions are scalable, efficient, and compliant with global privacy regulations.
Privacy Systems Maintenance: Oversee the maintenance and updates of our privacy management system, orchestration tools, and infrastructure ensuring it aligns with the latest privacy laws and company policies. Work closely with cross-functional teams to implement changes and improvements.
Data Discovery and Mapping: Manage and enhance Data Discovery Scanners to ensure accurate mapping and inventory of personal data across business systems. Use these tools to support compliance with HIPAA, GDPR, CCPA, CPRA, and other relevant regulations.
Technical Compliance Integration: Translate privacy laws and requirements into technical specifications for development teams. Ensure that privacy by design is incorporated into all stages of product and system development.
Collaboration and Support: Partner with legal, compliance, engineering, and product teams to provide technical support and guidance on privacy-related projects. Act as a liaison to ensure seamless integration of privacy solutions across various departments.
Here’s what we're looking for:
Minimum 5 years of experience in technical privacy engineering, security engineering, or data protection roles and minimum 3 years of experience in software engineering roles.
Proficiency in developing and maintaining privacy management systems and data discovery tools.
Proficiency in Ruby on Rails, Python, and AWS infrastructure
Strong understanding of privacy laws and technical compliance measures, including experience with DSAR orchestration processes.
Excellent problem-solving and communication skills, with the ability to work collaboratively across teams.
Nice to Have:
Experience with privacy management platforms like OneTrust.
IAPP Certified Information Privacy Technologist (CIPT) certification or equivalent.
Familiarity with data anonymization, pseudonymization, and encryption techniques.
Our cash compensation amount for this role is targeted at $175,000/yr to $190,000/yr in Denver & most remote locations, and $210,000/yr to $230,000/yr in New York & San Francisco Bay Area. Stock equity is additional. Final offer amounts are determined by multiple factors including candidate experience and expertise and may vary from the amounts listed above.