Data Privacy & Protection Engineer

Description :

Key Responsibilities :

- Develop, implement, and maintain data privacy policies and frameworks aligned with GDPR, CCPA, HIPAA, and other applicable regulations.

- Conduct regular privacy impact assessments (PIAs) and data protection impact assessments (DPIAs) for new projects and systems.

- Collaborate with IT, Legal, and Business teams to design privacy-by-design processes for applications and services.

- Monitor and respond to data privacy incidents, breaches, and requests from data subjects.

- Conduct internal audits, risk assessments, and gap analyses related to data privacy and protection.

- Maintain records of processing activities and ensure data mapping accuracy across the organization.

- Provide training and awareness programs to staff on privacy regulations, policies, and best practices.

- Advise on data transfer mechanisms, including cross-border data flows and contractual agreements.

- Stay up-to-date with emerging data protection trends, regulations, and technologies.

Technical Skills & Tools :

- Strong knowledge of data privacy frameworks : GDPR, CCPA, HIPAA, ISO 27701, SOC 2.

- Experience with data protection technologies : encryption tools, DLP (Data Loss Prevention), tokenization, masking.

- Proficiency in identity and access management (IAM) systems.

- Familiarity with cloud platforms and their compliance tools : AWS, Azure, GCP.

- Experience with privacy management tools : OneTrust, TrustArc, BigID, or similar.

- Working knowledge of security standards : ISO 27001, NIST, SOC frameworks.

- Hands-on experience in audit tools, logging, and monitoring for sensitive data access.

- Understanding of data lifecycle management, data retention, and secure disposal practices.

Key Soft Skills :

- Strong analytical and problem-solving skills.

- Excellent communication and stakeholder management capabilities.

- Ability to interpret complex regulations and translate them into actionable policies.

- High attention to detail and strong organizational skills.

Qualifications :

- Bachelors or Masters degree in Computer Science, Information Security, Law, or related fields.

- Certifications preferred : CIPP/E, CISM, CIPM, CISSP, ISO 27001 Lead Implementer/Auditor.

- Minimum 3-8 years experience in data privacy, compliance, or information security roles